-
-
Notifications
You must be signed in to change notification settings - Fork 925
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
JRuby Security Manager Issues (accessPackageInClass.sun.misc) #3272
Comments
@headius any idea when this might be targeted for? |
Hmm...after quick inspection I don't see where jnr-posix is using |
Can you provide a simple way I can reproduce this? It seems like the use of reflection in our Java POSIX stuff is to blame, but it's hard to tell from your report. If that is the problem, I need to know where, because most place we use reflection do have exception handling in place. |
@headius unfortunately it's part of a big proprietary blob of code. The error happens merely instantiating jruby (via any of the embedding APIs). It'll take me a while to extract a minimal test case, but I'll try to find the time over the next couple weeks. |
Unsafe is used all over JRuby. Even RubyBasicObject uses it. Then again, it's been removed in jdk9. So, it's probably time to start getting rid of it. It's even possible Unsafe is the source of some heisenbugs. |
We have made efforts to avoid using Unsafe, or to have fallbacks in most cases. In addition, we've done work to make sure we can fall back to degraded functionality on newer versions of Java that protect JDK classes using modules. I would like to be able to run properly with a security manager in place, but without an example test case this will be difficult to do. I'm closing this as it is rather stale. If someone would like to work with us to make JRuby run better under a security manager, please open a new issue with an example case you expect to work. |
Moved from the mailing list. As @headius put it
The usage of classes in
sun.misc
presents issues with the security manager. In a locked down context I'm trying to run JRuby in I get the following stack traceThe text was updated successfully, but these errors were encountered: