|
|
@@ -19,7 +19,10 @@ |
|
|
|
*/ |
|
|
|
package org.sonar.process; |
|
|
|
|
|
|
|
import java.security.CodeSource; |
|
|
|
import java.security.Permission; |
|
|
|
import java.security.PermissionCollection; |
|
|
|
import java.security.Permissions; |
|
|
|
import java.security.Policy; |
|
|
|
import java.security.ProtectionDomain; |
|
|
|
import java.security.SecurityPermission; |
|
|
@@ -68,6 +71,23 @@ public class SecurityManagement { |
|
|
|
return true; |
|
|
|
} |
|
|
|
|
|
|
|
// workaround for SONAR-13559 / JDK-8014008 |
|
|
|
// borrowed as-is from https://github.com/elastic/elasticsearch/pull/14274 |
|
|
|
@Override |
|
|
|
public PermissionCollection getPermissions(CodeSource codesource) { |
|
|
|
// code should not rely on this method, or at least use it correctly: |
|
|
|
// https://bugs.openjdk.java.net/browse/JDK-8014008 |
|
|
|
// return them a new empty permissions object so jvisualvm etc work |
|
|
|
for (StackTraceElement element : Thread.currentThread().getStackTrace()) { |
|
|
|
if ("sun.rmi.server.LoaderHandler".equals(element.getClassName()) && |
|
|
|
"loadClass".equals(element.getMethodName())) { |
|
|
|
return new Permissions(); |
|
|
|
} |
|
|
|
} |
|
|
|
// return UNSUPPORTED_EMPTY_COLLECTION since it is safe. |
|
|
|
return super.getPermissions(codesource); |
|
|
|
} |
|
|
|
|
|
|
|
String getDomainClassLoaderName(ProtectionDomain domain) { |
|
|
|
return domain.getClassLoader().getClass().getName(); |
|
|
|
} |