Closed bmah888 closed 10 years ago
I have not seen this problem for a while. Since many things have changed in the security, this bug may have gone away by now. Bruce, can you confirmed that you have not experienced it as well in the past few weeks ?
I have seen this error again this week and I found the root cause:
Mina's SSHD / NIO use a ThreadPoolExecutor (java.util.concurrent.TheadPoolExecutor) to handle the asynchronous I/O of the SSH session (i.e. In/Out/Err streams). The implementation of the thread pool dynamically creates and deletes threads in the pool, starting with an empty pool. This operation is performance by the thread that is actually performing the read or write on either of those streams. Those are the Shell threads, executing the user commands and programs and run with the privilege mode of the user. The security manager enforces that threads created by an enos thread keep the same user and privilege level as the creator, so an unprivileged thread cannot create a privilege one.
As a consequence, the first user to log in will set the user/privilege of the threads in the pool. If the pool needs more threads in future, in case of a spike in concurrent users loggued in. If the user is unprivileged, the shell will not be able to set user/privilege of another user.
Fix consisted of implementing a custom IoServiceFactory that creates the ThreadPool of worker threads with a fixed number (only core threads) and pre start them at boot time. This limits the number of users that can be log in at the same time. A more dynamic ThreadPool would be better but that would be an optimization.
The number of worker threads is a configuration in GlobalConfiguration.
This issue is fixed/closed
During the login of an unprivileged user, the enos backend can sometimes generate an exception related to permissions. This doesn't happen all of the time. Back-end stack trace: