ls1intum / Ares

The Artemis Java Test Sandbox. A JUnit 5 Extension for Easy and Secure Artemis Java Testing
https://ls1intum.github.io/Ares/
MIT License

ArtemisSecurityManager fails to prevent network connections #376

Open angatha opened 1 month ago

angatha commented 1 month ago

Describe the bug
Given a test not annotated with @AllowLocalPort, it is still possible for student code to access the internet and local ports. (The local port part is not tested in Artemis itself but locally, but I'm more concerned with internet access.)

To Reproduce

  1. Create a new programming exercise
  2. Clear all classes in tests and solution
  3. Add in solution repository:

```java
package xyz;

import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URL;

public class ReachingWeb {
    // Opens a plain HTTP connection to google.com and returns the status code.
    public static int googleCode() throws IOException {
        URL url = new URL("http://google.com");
        HttpURLConnection con = (HttpURLConnection) url.openConnection();
        con.setRequestMethod("GET");
        return con.getResponseCode();
    }
}
```

  4. Add in test repository:

```java
package xyz;

import org.junit.jupiter.api.*;
import static org.junit.jupiter.api.Assertions.*;

import java.io.IOException;

import de.tum.in.test.api.BlacklistPath;
import de.tum.in.test.api.StrictTimeout;
import de.tum.in.test.api.WhitelistPath;
import de.tum.in.test.api.jqwik.Public;

@Public
@WhitelistPath("target")
@BlacklistPath("target/test-classes")
class ReachingWebTest {

    // No @AllowLocalPort on this test, so the connection should be rejected.
    @Test
    @StrictTimeout(1)
    void testReachWeb() throws IOException {
        int temp = ReachingWeb.googleCode();
        if (temp != 200) {
            fail("Google is not reachable. Expected code 200, got " + temp + ".");
        }
    }
}
```

  5. The test succeeds

Expected behavior
Security manager should prevent internet access.

Desktop (please complete the following information):

Also applies to docker image ls1tum/artemis-maven-template:java17-21

Additional context
In the security manager, checkForNonWhitelistedStackFrames gets called, but getNonWhitelistedStackFrames does not return the stack frame from ReachingWeb because a takeWhile cuts it off.

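An added illustration of the failure mode described in the report (example code written for this page, not code from Ares or Artemis): a simplified stack-frame check in which a takeWhile over the walked stack stops at, and drops, the first untrusted frame, so the student frame that triggered the call is never reported and the connection goes through. The filter-based variant beside it inspects every frame up to the test boundary and does report the student frame. The class names, the trust rule (checker, library stand-in and JDK packages are trusted) and the test-boundary rule (class name ending in "Test") are assumptions for the demo and do not reproduce the actual ArtemisSecurityManager logic.

```java
import java.lang.StackWalker.StackFrame;
import java.util.List;
import java.util.stream.Collectors;

// Hypothetical model of a stack-frame based network check; not Ares code.
public class StackFrameCheckDemo {

    // Assumed trust rule: the checker itself, the class standing in for
    // java.net.*, and JDK packages are trusted; anything else (student code) is not.
    static boolean isTrusted(StackFrame f) {
        String cls = f.getClassName();
        return cls.equals(StackFrameCheckDemo.class.getName())
                || cls.equals(LibraryCode.class.getName())
                || cls.startsWith("java.") || cls.startsWith("jdk.") || cls.startsWith("sun.");
    }

    // Assumed boundary: frames at or below the test method are not inspected.
    static boolean isTestEntry(StackFrame f) {
        return f.getClassName().endsWith("Test");
    }

    // Flawed variant: takeWhile keeps only the leading trusted frames and drops the
    // first untrusted one, so the filter that follows can never find anything.
    static List<String> untrustedFramesTakeWhile() {
        return StackWalker.getInstance().walk(frames -> frames
                .takeWhile(StackFrameCheckDemo::isTrusted)
                .filter(f -> !isTrusted(f))
                .map(StackFrame::getClassName)
                .collect(Collectors.toList()));
    }

    // Corrected variant: inspect every frame up to the test boundary and report
    // each untrusted one, wherever it sits in the call chain.
    static List<String> untrustedFramesFilter() {
        return StackWalker.getInstance().walk(frames -> frames
                .takeWhile(f -> !isTestEntry(f))
                .filter(f -> !isTrusted(f))
                .map(StackFrame::getClassName)
                .collect(Collectors.toList()));
    }

    // Stands in for java.net.HttpURLConnection: where a checkConnect-style hook runs.
    static class LibraryCode {
        static void openConnection(boolean useFlawedCheck) {
            List<String> offenders = useFlawedCheck ? untrustedFramesTakeWhile() : untrustedFramesFilter();
            if (!offenders.isEmpty()) {
                throw new SecurityException("network access from " + offenders);
            }
            System.out.println("  connection allowed");
        }
    }

    // Stands in for the student's xyz.ReachingWeb.
    static class StudentCode {
        static void fetch(boolean useFlawedCheck) {
            LibraryCode.openConnection(useFlawedCheck);
        }
    }

    // Stands in for the test method that calls into the student code.
    static class DemoTest {
        static void testFetch(boolean useFlawedCheck) {
            StudentCode.fetch(useFlawedCheck);
        }
    }

    public static void main(String[] args) {
        for (boolean flawed : new boolean[] { true, false }) {
            System.out.println(flawed ? "takeWhile-based check:" : "filter-based check:");
            try {
                DemoTest.testFetch(flawed);
            } catch (SecurityException e) {
                System.out.println("  blocked: " + e.getMessage());
            }
        }
    }
}
```

Run it with `java StackFrameCheckDemo.java` (Java 11 or later, for single-file launch and Stream.takeWhile). The stack seen by the check is, top first, the check method, LibraryCode, StudentCode, DemoTest, main; the takeWhile variant stops at StudentCode without including it and prints "connection allowed", while the filter variant throws a SecurityException naming StackFrameCheckDemo$StudentCode. When reviewing a stack-walking check like this, the question to ask is whether the stream stage that bounds the walk can ever terminate on the very frame the check is meant to catch.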