Actions
Bug #8857
closedSome Javascript engine fails when accessing system values
Status:
Released
Priority:
N/A
Assignee:
Category:
Architecture - Internal libs
Target version:
Pull Request:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
Name check:
Fix check:
Regression:
Description
The following tests fails for reason that were not expected:
- It should fail with a failure containing 'forced interrupted' when accessing file system, but fails with a WrappedException containing a securityException:
When getting the sandboxed environement\u002C one should::not be able to access FS with JS(com.normation.rudder.services.policies.TestJsEngine): Failure(sun.org.mozilla.javascript.WrappedException: Wrapped java.lang.SecurityException: access denied to: ("java.io.FilePermission" "/tmp/rudder-test-fromjsengine" "write") (<Unknown source>#1) in <Unknown source> at line number 1,Empty,Empty) is not a Failure whose message matches .*forced interrupted.*
- It should fail with a failure containing 'forced interrupted' when killing system, but fails with a WrappedException containing a securityException:
When getting the sandboxed environement\u002C one should::not be able to kill the system with JS(com.normation.rudder.services.policies.TestJsEngine): Failure(sun.org.mozilla.javascript.WrappedException: Wrapped java.lang.SecurityException: access denied to: ("java.lang.RuntimePermission" "exitVM.0") (<Unknown source>#1) in <Unknown source> at line number 1,Empty,Empty) is not a Failure whose message matches .*forced interrupted.*
Updated by Vincent MEMBRÉ over 8 years ago
That happens with the following jdk:
root@scala-builder:~# java -version java version "1.7.0_95" OpenJDK Runtime Environment (IcedTea 2.6.4) (7u95-2.6.4-1~deb8u1) OpenJDK 64-Bit Server VM (build 24.95-b01, mixed mode)
Updated by Vincent MEMBRÉ over 8 years ago
- Status changed from New to In progress
- Assignee changed from François ARMAND to Vincent MEMBRÉ
Updated by Vincent MEMBRÉ over 8 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from Vincent MEMBRÉ to François ARMAND
- Pull Request set to https://github.com/Normation/rudder/pull/1164
Updated by Vincent MEMBRÉ over 8 years ago
- Status changed from Pending technical review to Pending release
- % Done changed from 0 to 100
Applied in changeset rudder|e0468e885d1c88d065dfc62ebd0a72e328384908.
Updated by Vincent MEMBRÉ over 8 years ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder 3.1.13 and 3.2.6 which were released today.
- 3.1: Announce Changelog
- 3.2: Announce Changelog
- Download: https://www.rudder-project.org/site/get-rudder/downloads/
Updated by François ARMAND about 8 years ago
- Related to User story #8629: Allows generation-time javascript eval in directive parameters added
Actions