Skip to content

Commit

Permalink
Allow graceful failure while path searching if security disallows.
Browse files Browse the repository at this point in the history
This patch allows the PATH searching logic for non-native process
launching to proceed past paths which trigger security exceptions,
such as any path not explicitly permitted for reading by JVM
security policies.

Fixes #3983.
headius committed Aug 18, 2016
1 parent 69b5767 commit 242b351
Showing 1 changed file with 8 additions and 3 deletions.
11 changes: 8 additions & 3 deletions core/src/main/java/org/jruby/util/ShellLauncher.java
Original file line number Diff line number Diff line change
@@ -395,9 +395,14 @@ private static File findPathFile(Ruby runtime, String fname, String[] path, bool
// NOTE: Jruby's handling of tildes is more complete than
// MRI's, which can't handle user names after the tilde
// when searching the executable path
pathFile = isValidFile(runtime, fdir, fname, isExec);
if (pathFile != null) {
break;
try {
pathFile = isValidFile(runtime, fdir, fname, isExec);
if (pathFile != null) {
break;
}
} catch (SecurityException se) {
// Security prevented accessing this PATH entry, proceed to next
continue;
}
}
} else {

0 comments on commit 242b351

Please sign in to comment.