{ "_class" : "hudson.matrix.MatrixRun", "actions" : [ { }, { "_class" : "hudson.model.CauseAction", "causes" : [ { "_class" : "hudson.model.Cause$UpstreamCause", "shortDescription" : "Started by upstream project \"gluegen_onmaster\" build number 18", "upstreamBuild" : 18, "upstreamProject" : "gluegen_onmaster", "upstreamUrl" : "job/gluegen_onmaster/" } ] }, { "_class" : "hudson.plugins.git.util.BuildData", "buildsByBranchName" : { "origin/master" : { "_class" : "hudson.plugins.git.util.Build", "buildNumber" : 18, "buildResult" : None, "marked" : { "SHA1" : "1a01dce6c42b398cdd68d405828774a3ab366456", "branch" : [ { "SHA1" : "1a01dce6c42b398cdd68d405828774a3ab366456", "name" : "origin/master" } ] }, "revision" : { "SHA1" : "1a01dce6c42b398cdd68d405828774a3ab366456", "branch" : [ { "SHA1" : "1a01dce6c42b398cdd68d405828774a3ab366456", "name" : "origin/master" } ] } } }, "lastBuiltRevision" : { "SHA1" : "1a01dce6c42b398cdd68d405828774a3ab366456", "branch" : [ { "SHA1" : "1a01dce6c42b398cdd68d405828774a3ab366456", "name" : "origin/master" } ] }, "remoteUrls" : [ "git://jogamp.org/srv/scm/gluegen.git" ], "scmName" : "" }, { "_class" : "hudson.plugins.git.GitTagAction" }, { }, { }, { "_class" : "org.jenkinsci.plugins.displayurlapi.actions.RunDisplayAction" } ], "artifacts" : [ ], "building" : False, "description" : None, "displayName" : "#18", "duration" : 39753, "estimatedDuration" : 220134, "executor" : None, "fullDisplayName" : "gluegen_onmaster ยป linux-x86_64-master-001 #18", "id" : "2013-06-11_18-25-47", "inProgress" : False, "keepLog" : False, "number" : 18, "queueId" : -1, "result" : "SUCCESS", "timestamp" : 1370967947000, "url" : "https://jogamp.org/chuck/job/gluegen_onmaster/label=linux-x86_64-master-001/18/", "builtOn" : "linux64-null-centos55-jogamp-x64-chuck-001", "changeSet" : { "_class" : "hudson.plugins.git.GitChangeSetList", "items" : [ { "_class" : "hudson.plugins.git.GitChangeSet", "affectedPaths" : [ "src/java/jogamp/common/os/MacOSXDynamicLinkerImpl.java", "src/java/com/jogamp/common/util/SecurityUtil.java", "make/scripts/runtest.sh", "src/java/jogamp/common/os/UnixDynamicLinkerImpl.java", "src/java/com/jogamp/common/os/DynamicLinker.java", "src/java/com/jogamp/common/util/cache/TempFileCache.java", "src/java/jogamp/common/Debug.java", "src/junit/com/jogamp/junit/sec/TestSecIOUtil01.java", "src/java/com/jogamp/gluegen/Logging.java", "make/build-test.xml", "src/java/com/jogamp/common/jvm/JNILibLoaderBase.java", "src/java/com/jogamp/common/util/IOUtil.java", "make/scripts/runtest-secmgr.sh", "test/applet/runapplet.sh", "src/java/jogamp/common/os/WindowsDynamicLinkerImpl.java", "test/applet/java.policy.applet", "src/java/com/jogamp/common/os/Platform.java", "test/applet/applet01.html", "src/junit/com/jogamp/junit/sec/Applet01.java", "src/java/com/jogamp/common/util/PropertyAccess.java" ], "commitId" : "1a01dce6c42b398cdd68d405828774a3ab366456", "timestamp" : 1370953548000, "author" : { "absoluteUrl" : "https://jogamp.org/chuck/user/sven%20gothel", "fullName" : "Sven Gothel" }, "authorEmail" : "sgothel@jausoft.com", "comment" : "Bug 752: Review Code Vulnerabilities (Permission Checks of new exposed code and privileged access)\u000a\u000aThis review focuses on how we perform permission checks,\u000aor better - do we circumvent some assuming full privileges ?\u000aSome native methods do need extra permission validation, i.e. loading native libraries.\u000a\u000aFurther more AccessController.doPrivileged(..) shall not cover generic code\u000aexposing a critical feature to the user.\u000a\u000aFurther more .. we should rely on the SecuritManager, i.e. AccessControlContext's\u000a'checkPermission(Permission)' code to comply w/ fine grained permission access.\u000a\u000aIt is also possible to have full permission w/o having any certificates (-> policy file).\u000a\u000a+++\u000a\u000aWe remove implicit AccessController.doPrivileged(..) from within our trusted code\u000afor generic methods, like Property access, temp. files.\u000a\u000a+++\u000a\u000aSecurityUtil:\u000a - Remove 'getCommonAccessControlContext(Class clz)',\u000a which returned a local AccessControlContext for later restriction\u000a if the passed class contains all certificates as the 'trusted' GlueGen class has.\u000a\u000a - Simply expose convenient permission check methods relying on\u000a SecurityManager / AccessControlContext.\u000a\u000aPropertyAccess:\u000a - 'protected static void addTrustedPrefix(..)' requires AllPermissions if SecurityManager is installed.\u000a - Remove implicit doPrivileged(..) triggered by passed AccessControlContext instance,\u000a only leave it for trusted prefixes.\u000a\u000aIOUtil:\u000a - Remove all doPrivileged(..) - Elevation shall be performed by caller.\u000a\u000aDynamicLinker:\u000a - 'public long openLibraryLocal(..)' and 'public long openLibraryGlobal(..)'\u000a may throw SecurityException, if a SecurityManager is installed and the dyn. link permission\u000a is not granted in the calling code.\u000a Implemented in their respective Unix, OSX and Windows manifestation.\u000a\u000a Caller has to elevate privileges via 'doPrivileged(..) {}' !\u000a\u000a+++\u000a\u000aTests:\u000a - Property access\u000a - File access\u000a - Native library loading\u000a\u000aManual Applet test (unsigned, but w/ SecurityManager and policy file):\u000a > gluegen/test/applet\u000a\u000a Applet has been tested w/ signed JAR w/ Firefox and Java7 on GNU/Linux as well.\u000a\u000aManual Application test (unsigned, but w/ SecurityManager and policy file):\u000a com.jogamp.junit.sec.TestSecIOUtil01\u000a\u000a - Run w/ SecurityManager and policy file:\u000a - gluegen/scripts/runtest-secmgr.sh\u000a\u000a - Run w/o SecurityManager:\u000a - gluegen/scripts/runtest.sh\u000a", "date" : "2013-06-11T14:25:48+0200", "id" : "1a01dce6c42b398cdd68d405828774a3ab366456", "msg" : "Bug 752: Review Code Vulnerabilities (Permission Checks of new exposed", "paths" : [ { "editType" : "edit", "file" : "src/java/jogamp/common/Debug.java" }, { "editType" : "edit", "file" : "src/java/com/jogamp/common/os/Platform.java" }, { "editType" : "edit", "file" : "src/java/jogamp/common/os/MacOSXDynamicLinkerImpl.java" }, { "editType" : "add", "file" : "test/applet/applet01.html" }, { "editType" : "add", "file" : "src/junit/com/jogamp/junit/sec/Applet01.java" }, { "editType" : "edit", "file" : "src/java/com/jogamp/common/util/cache/TempFileCache.java" }, { "editType" : "edit", "file" : "src/java/jogamp/common/os/UnixDynamicLinkerImpl.java" }, { "editType" : "add", "file" : "src/junit/com/jogamp/junit/sec/TestSecIOUtil01.java" }, { "editType" : "edit", "file" : "src/java/com/jogamp/common/util/SecurityUtil.java" }, { "editType" : "edit", "file" : "make/scripts/runtest.sh" }, { "editType" : "edit", "file" : "src/java/com/jogamp/common/util/PropertyAccess.java" }, { "editType" : "edit", "file" : "src/java/com/jogamp/common/jvm/JNILibLoaderBase.java" }, { "editType" : "add", "file" : "test/applet/runapplet.sh" }, { "editType" : "edit", "file" : "make/build-test.xml" }, { "editType" : "add", "file" : "test/applet/java.policy.applet" }, { "editType" : "edit", "file" : "src/java/com/jogamp/common/util/IOUtil.java" }, { "editType" : "edit", "file" : "src/java/com/jogamp/common/os/DynamicLinker.java" }, { "editType" : "add", "file" : "make/scripts/runtest-secmgr.sh" }, { "editType" : "edit", "file" : "src/java/jogamp/common/os/WindowsDynamicLinkerImpl.java" }, { "editType" : "edit", "file" : "src/java/com/jogamp/gluegen/Logging.java" } ] } ], "kind" : "git" }, "culprits" : [ { "absoluteUrl" : "https://jogamp.org/chuck/user/sgothel", "fullName" : "Sven Gothel" } ] }