[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug classpath/42390] New: Missing Security Manager checks in classpath
From: |
varun at cs dot utexas dot edu |
Subject: |
[Bug classpath/42390] New: Missing Security Manager checks in classpath apis |
Date: |
16 Dec 2009 04:02:17 -0000 |
1) Constructor missed the
sm.checkPermission(SUBCLASS_IMPLEMENTATION_PERMISSION) check in the
java.io.ObjectOutputStream: void <init>(java.io.OutputStream) constructor call.
2)
Method calls :<java.util.logging.LogManager: void
removePropertyChangeListener(java.beans.PropertyChangeListener)>
and
<java.util.logging.LogManager: void
addPropertyChangeListener(java.beans.PropertyChangeListener)>
misses LoggingPermission"control" check
3) Mehtod call :<java.io.File: boolean isHidden()> missing the check for
checkRead()
4) Mehtod call :<java.security.ProtectionDomain: java.lang.String toString()>
missing sm.checkPermission(SecurityConstants.GET_POLICY_PERMISSION) for the
dynamic policy permission load.
5)
Mehtod call :<java.net.Socket: void connect(java.net.SocketAddress)>
and :<java.net.Socket: void connect(java.net.SocketAddress,int)> missing
checkConnect.
6) Method <java.net.DatagramSocket: void connect(java.net.SocketAddress)>
should perform checkListen, checkMulticast, checkAccept on top of checkConnect
--
Summary: Missing Security Manager checks in classpath apis
Product: classpath
Version: 0.97.2
Status: UNCONFIRMED
Severity: critical
Priority: P3
Component: classpath
AssignedTo: unassigned at gcc dot gnu dot org
ReportedBy: varun at cs dot utexas dot edu
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=42390
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Bug classpath/42390] New: Missing Security Manager checks in classpath apis,
varun at cs dot utexas dot edu <=