Google Git
Sign in
eclipse / equinox / rt.equinox.framework / ad50f2e8ccbef7ce82fe7ed343d2ae194575f687
commitad50f2e8ccbef7ce82fe7ed343d2ae194575f687[log] [tgz]
authorMykola Nikishov <mn@mn.com.ua>Mon May 13 09:28:25 2019 +0300
committerMykola Nikishov <mn@mn.com.ua>Tue May 14 12:51:51 2019 -0400
tree672979d4370c678a10e9407c382a82abace8d31c
parentd2fb14e1936a8b0d3ca4a25468a6364362e22e0a [diff]
Bug 547265 - Fine-grained access to system properties in launcher's Main

Running with SecurityManager enabled, System.getProperties() requires
full access to all properties, including write permission, even if we
are not going to modify any of them. Instead, replace
System.getProperties().xxx() chained calls with their direct
counterparts:

- System.getProperties().getProperty() with System.getProperty()
- System.getProperties().put() with System.setProperty()
- System.getProperties().remove() with System.clearProperty()

This would allow to use minimal security policy regarding system
properties like:

    grant {
      permission java.util.PropertyPermission "*", "read";
      permission java.util.PropertyPermission "osgi.*", "write";
      permission java.util.PropertyPermission "eclipse.*", "write";
    };

and would provide more specific error message if/when
AccessControlException occurs:

    java.security.AccessControlException: access denied ("java.util.PropertyPermission" "eclipse.exitcode" "read")

Change-Id: If5d4cb0dc8ad795d1a9c85932222072bd58121ce
Signed-off-by: Mykola Nikishov <mn@mn.com.ua>
3 files changed
tree: 672979d4370c678a10e9407c382a82abace8d31c
  1. bundles/
  2. features/
  3. launcher-binary-parent/
  4. releng/
  5. .gitattributes
  6. .gitignore
  7. CONTRIBUTING
  8. LICENSE
  9. NOTICE
  10. pom.xml