Menu
▾
▴
[Jython-users] Embedding a python console in java - security problems
|
From: Boudewijn R. <bo...@re...> - 2000-12-01 15:00:45
|
Well, thanks to all the help I've succeeded in getting the Console.py compiled in to a jarfile, and I can call the code from my application. However, the app uses the java.security features, and it appears that the Jython BytecodeLoader classloader is wreaking havoc in the subtle scheme of security. First we got this: onal> <additional-text>Exception is java.security.AccessControlException, message is access denied (java.lang.RuntimePermission createClassLoader)</additional-text> <additional-trace>java.security.AccessControlException: access denied (java.lang.RuntimePermission createClassLoader) at java.security.AccessControlContext.checkPermission(AccessControlContext.java:272) at java.security.AccessController.checkPermission(AccessController.java:399) at java.lang.SecurityManager.checkPermission(SecurityManager.java:545) at com.tryllian.are.security.SecurityManager.checkPermission(SecurityManager.java:188) at java.lang.SecurityManager.checkCreateClassLoader(SecurityManager.java:610) at java.lang.ClassLoader.<init>(ClassLoader.java:234) at org.python.core.BytecodeLoader.<init>(BytecodeLoader.java:8) at org.python.core.BytecodeLoader.makeCode(BytecodeLoader.java:148) at org.python.core.Py.compile(Py.java:1449) at org.python.modules.codeop.compile_command(codeop.java:23) at org.python.modules.code.compile_command(code.java:8) at java.lang.reflect.Method.invoke(Native Method) at org.python.core.PyReflectedFunction.__call__(PyReflectedFunction.java:158) at org.python.core.PyReflectedFunction.__call__(PyReflectedFunction.java:166) at org.python.core.PyObject.__call__(PyObject.java:272) at org.python.pyconsole.Console$_PyInner.handleLine$20(Console.java:426) at org.python.pyconsole.Console$_PyInner.call_function(Console.java:222) at org.python.core.PyTableCode.call(PyTableCode.java:155) at org.python.core.PyTableCode.call(PyTableCode.java:222) at org.python.core.PyFunction.__call__(PyFunction.java:99) at org.python.core.PyInstance.invoke(PyInstance.java:267) at org.python.pyconsole.Console$_PyInner.enter$13(Console.java:350) at org.python.pyconsole.Console$_PyInner.call_function(Console.java:208) at org.python.core.PyTableCode.call(PyTableCode.java:155) at org.python.core.PyTableCode.call(PyTableCode.java:353) at org.python.core.PyTableCode.call(PyTableCode.java:258) at org.python.core.PyFunction.__call__(PyFunction.java:110) at org.python.core.PyMethod.__call__(PyMethod.java:83) at org.python.core.PyObject.__call__(PyObject.java:260) at org.python.core.PyInstance.invoke(PyInstance.java:256) at org.python.pyconsole.Action$_PyInner.actionPerformed$2(Action.java:90) at org.python.pyconsole.Action$_PyInner.call_function(Action.java:46) at org.python.core.PyTableCode.call(PyTableCode.java:155) at org.python.core.PyTableCode.call(PyTableCode.java:353) at org.python.core.PyTableCode.call(PyTableCode.java:258) at org.python.core.PyFunction.__call__(PyFunction.java:110) at org.python.core.PyMethod.__call__(PyMethod.java:83) at org.python.core.PyObject.__call__(PyObject.java:250) at org.python.core.PyObject._jcallexc(PyObject.java:2017) at org.python.core.PyObject._jcall(PyObject.java:2049) at org.python.proxies.Action$Action$0.actionPerformed(Unknown Source) at javax.swing.SwingUtilities.notifyAction(SwingUtilities.java:1702) at javax.swing.JComponent.processKeyBinding(JComponent.java:2156) at javax.swing.JComponent.processKeyBindings(JComponent.java:2182) at javax.swing.JComponent.processKeyEvent(JComponent.java:2119) at javax.swing.JEditorPane.processKeyEvent(JEditorPane.java:1159) at java.awt.Component.processEvent(Component.java:3555) at java.awt.Container.processEvent(Container.java:1164) at java.awt.Component.dispatchEventImpl(Component.java:2595) at java.awt.Container.dispatchEventImpl(Container.java:1213) at java.awt.Component.dispatchEvent(Component.java:2499) at java.awt.LightweightDispatcher.processKeyEvent(Container.java:2155) at java.awt.LightweightDispatcher.dispatchEvent(Container.java:2135) at java.awt.Container.dispatchEventImpl(Container.java:1200) at java.awt.Window.dispatchEventImpl(Window.java:912) at java.awt.Component.dispatchEvent(Component.java:2499) at java.awt.EventQueue.dispatchEvent(EventQueue.java:319) at java.awt.EventDispatchThread.pumpOneEvent(EventDispatchThread.java:103) at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:93) at java.awt.EventDispatchThread.run(EventDispatchThread.java:84) </additional-trace> </additional></info> Our local security expert traced this to Class: class org.python.proxies.Action$Action$0 ClassLoader: org.python.core.BytecodeLoader@61dadb CodeSource: (null <no certificates>) Permissions: java.security.Permissions@24c414 ( (java.util.PropertyPermission java.vendor read) (java.util.PropertyPermission java.specification.version read) (java.util.PropertyPermission line.separator read) (java.util.PropertyPermission java.class.version read) (java.util.PropertyPermission java.specification.name read) (java.util.PropertyPermission java.vendor.url read) (java.util.PropertyPermission java.vm.version read) (java.util.PropertyPermission os.name read) (java.util.PropertyPermission os.arch read) (java.util.PropertyPermission os.version read) (java.util.PropertyPermission java.version read) (java.util.PropertyPermission java.vm.specification.version read) (java.util.PropertyPermission java.vm.specification.name read) (java.util.PropertyPermission java.specification.vendor read) (java.util.PropertyPermission java.vm.vendor read) (java.util.PropertyPermission file.separator read) (java.util.PropertyPermission path.separator read) (java.util.PropertyPermission java.vm.name read) (java.util.PropertyPermission java.vm.specification.vendor read) ) Which appears not to come from any jarfile, which means that it can't be signed - which means that the secureClassLoader chokes on it. We couldn't find the origin of proxies.Action, anyway. I'm going to try whether deriving the BytecodeLoader from a SecureClassLoader makes any difference, but I feel that that's a rather long shot. Boudewijn Rempt | http://www.valdyas.org |
