Mantis Bugtracker
  

Viewing Issue Simple Details Jump to Notes ] View Advanced ] Issue History ] Print ]
ID Category Severity Reproducibility Date Submitted Last Update
0002281 [Resin] major always 12-02-07 23:01 01-02-08 11:02
Reporter norlab View Status public  
Assigned To ferg
Priority normal Resolution fixed  
Status closed   Product Version 3.1.3
Summary 0002281: Security Manager does not appear to be working
Description <security-manager/> tag used.

/resin/bin/httpd.sh -conf /resin/conf/vhosts/www.domain.com.conf -server domain start

Empty resin1.policy file and resin starts. Nothing has been granted, but Resin starts with full permissions.

<jvm-arg>-Djava.security.policy=file:/resin/resin1.policy</jvm-arg>
<jvm-arg>-Djava.library.path=/resin/libexec64</jvm-arg>
<jvm-arg>-Djava.security.debug=policy</jvm-arg>
<jvm-arg>-J-d64</jvm-arg>
<jvm-arg>-Xmx256m</jvm-arg>
<jvm-arg>-Xss1m</jvm-arg>
<jvm-arg>-Dcom.sun.management.jmxremote</jvm-arg>
<jvm-arg>-Xdebug</jvm-arg>

Solaris 10, java.policy file empty. Removed java.security file

Additional Information Log output:

policy: getPermissions:
    PD CodeSource: (file:/usr/local/src/resin-pro-3.1.3/lib/resin.jar <no signer certificates>)
    PD ClassLoader: sun.misc.Launcher$AppClassLoader@39a125f0
    PD Principals: <no principals>
policy: evaluate codesources:
    Policy CodeSource: (null <no signer certificates>)
    Active CodeSource: (file:/usr/local/src/resin-pro-3.1.3/lib/resin.jar <no signer certificates>)
policy: evaluate principals:
    Policy Principals: null
    Active Principals: []
policy: evaluation (codesource/principals) passed
policy: granting (java.net.SocketPermission localhost:1024- listen,resolve)
policy: granting (java.util.PropertyPermission java.version read)
policy: granting (java.util.PropertyPermission java.vendor read)
policy: granting (java.util.PropertyPermission java.vendor.url read)
policy: granting (java.util.PropertyPermission java.class.version read)
policy: granting (java.util.PropertyPermission os.name read)
policy: granting (java.util.PropertyPermission os.version read)
policy: granting (java.util.PropertyPermission os.arch read)
policy: granting (java.util.PropertyPermission file.separator read)
policy: granting (java.util.PropertyPermission path.separator read)
policy: granting (java.util.PropertyPermission line.separator read)
policy: granting (java.util.PropertyPermission java.specification.version read)
policy: granting (java.util.PropertyPermission java.specification.vendor read)
policy: granting (java.util.PropertyPermission java.specification.name read)
policy: granting (java.util.PropertyPermission java.vm.specification.version read)
policy: granting (java.util.PropertyPermission java.vm.specification.vendor read)
policy: granting (java.util.PropertyPermission java.vm.specification.name read)
policy: granting (java.util.PropertyPermission java.vm.version read)
policy: granting (java.util.PropertyPermission java.vm.vendor read)
policy: granting (java.util.PropertyPermission java.vm.name read)
policy: evaluate codesources:
    Policy CodeSource: (file:/usr/jdk/instances/jdk1.5.0/jre/lib/ext/* <no signer certificates>)
    Active CodeSource: (file:/usr/local/src/resin-pro-3.1.3/lib/resin.jar <no signer certificates>)
policy: evaluation (codesource) failed
Resin Professional 3.1.3 (built Sun, 07 Oct 2007 06:30:19 PDT)
Copyright(c) 1998-2007 Caucho Technology. All rights reserved.


  xxxxxxx.license -- 1 Resin server

Starting Resin on Sun, 30 Dec 2007 22:12:12 -0800 (PST)

Attached Files

- Relationships

There are no notes attached to this issue.

- Issue History
Date Modified Username Field Change
12-02-07 23:01 norlab New Issue
01-02-08 11:02 ferg Assigned To  => ferg
01-02-08 11:02 ferg Status new => closed
01-02-08 11:02 ferg Resolution open => fixed
01-02-08 11:02 ferg Fixed in Version  => 3.1.5


Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
27 total queries executed.
25 unique queries executed.
Powered by Mantis Bugtracker