Added support for fragment bundles and acceptable failure for io.netty.util.NetUtil

paouelle commented 5 years ago

Description of the Change

Added support to properly handle fragment bundles.
Added support for getting a domain from a class in the backdoor.
Enhanced to report the canonicalized path for file permissions.
Modified to still put a break when something is calling doPrivileged() on behalf of someone else as we cannot assume the context will be the same as the stack prior to the call. Did at least move the stack break to be after the caller of those special places.
Handle case where a protection domain from the access control context cannot be correlated to a domain/bundle.
added acceptable failure for io.netty.util.NetUtil

Alternate Designs

Unknown

Benefits

Reports properly which bundle to give permissions to since the host bundle would not require permissions when the security exception occurs in the fragment. Also, by using the canonicalized path for file permissions, we end up being able to more properly compress the value such that it really becomes installation location independent.

Possible Drawbacks

Unknown

Verification Process

Proceed with the steps outlined in the associated issues. Note that for this to work, DDF would have to be rebuilt with the backdoor from the same version.

Applicable Issues

Fixes: #40 Fixes: #41

cxbot commented 5 years ago

Internal build has been started. Your results will be available at completion. See build progress in legacy Jenkins UI or in Blue Ocean UI.

cxbot commented 5 years ago

Build failure. See the job results in legacy Jenkins UI or in Blue Ocean UI.

cxbot commented 5 years ago

Internal build has been started. Your results will be available at completion. See build progress in legacy Jenkins UI or in Blue Ocean UI.

cxbot commented 5 years ago

Build failure. See the job results in legacy Jenkins UI or in Blue Ocean UI.

cxbot commented 5 years ago

Internal build has been started. Your results will be available at completion. See build progress in legacy Jenkins UI or in Blue Ocean UI.

cxbot commented 5 years ago

Build failure. See the job results in legacy Jenkins UI or in Blue Ocean UI.

cxbot commented 5 years ago

Internal build has been started. Your results will be available at completion. See build progress in legacy Jenkins UI or in Blue Ocean UI.

cxbot commented 5 years ago

Build failure. See the job results in legacy Jenkins UI or in Blue Ocean UI.

cxbot commented 5 years ago

Internal build has been started. Your results will be available at completion. See build progress in legacy Jenkins UI or in Blue Ocean UI.

cxbot commented 5 years ago

Build failure. See the job results in legacy Jenkins UI or in Blue Ocean UI.

paouelle commented 5 years ago

build now

cxbot commented 5 years ago

Internal build has been started. Your results will be available at completion. See build progress in legacy Jenkins UI or in Blue Ocean UI.

cxbot commented 5 years ago

Build success! See the job results in legacy Jenkins UI or in Blue Ocean UI.

paouelle commented 5 years ago

build now

brjeter commented 5 years ago

Hero'd the piece of the functionality that fixed the issue I reported ✅

cxbot commented 5 years ago

Internal build has been started. Your results will be available at completion. See build progress in legacy Jenkins UI or in Blue Ocean UI.

cxbot commented 5 years ago

Build success! See the job results in legacy Jenkins UI or in Blue Ocean UI.

tyler30clemens commented 5 years ago

Hero for the issue I reported ✅ verified the ACCEPTABLE ACCESS CONTROL PERMISSION FAILURE message was displayed, not a missing permission error with a solution

codice / acdebugger