Bug 1054888 - Check security manager permissions in ServiceRegistry
Summary: Check security manager permissions in ServiceRegistry
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: XTS
Version: 6.3.0
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ER4
: EAP 6.3.0
Assignee: Gytis Trikleris
QA Contact: Ondrej Chaloupka
Russell Dickenson
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-01-17 17:01 UTC by Gytis Trikleris
Modified: 2014-10-25 12:37 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-08-20 09:01:35 UTC
Type: Bug


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker JBTM-2076 0 Major Closed Add security manager's permission checking in com.arjuna.webservices11.ServiceRegistry#getRegistry 2014-08-20 08:59:51 UTC

Description Gytis Trikleris 2014-01-17 17:01:18 UTC
Permissions checking in public static methods is needed for Common Criteria certification. com.arjuna.webservices11.ServiceRegistry#getRegistry method has to have such checking.

https://issues.jboss.org/browse/JBTM-2076

Comment 1 Gytis Trikleris 2014-04-08 08:47:17 UTC
Pull request with this fix was merged to JBossTS and will be available once JBossTS 4.17.19.Final is released.

Comment 2 JBoss JIRA Server 2014-04-09 15:03:34 UTC
Tom Jenkinson <tom.jenkinson@redhat.com> updated the status of jira JBTM-2076 to Closed

Comment 3 Ondrej Chaloupka 2014-08-20 08:56:18 UTC
EAP 6.3.0.ER4 contained this fix as Narayana 4.17.19.Final was there.
I've checked this in EAP 6.3.0.GA (org/jboss/xts/main/jbossxts-4.17.21.Final-redhat-2.jar) by decompiling the java classes as we do not have tests for checking security manager on all classes.


Note You need to log in before you can comment on or make changes to this bug.