System.getProperty() calls ... wrap them in doPrivileged

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 7.0.0pre3
Fix Version/s: 6.1.15.rc3
Component/s: HTTP
Labels:
None

Number of attachments :
0

Description

Log.class accesses system properties. This requires a permission. That's
OK for normal deployments, but with custom permissions designs, it can be
problematic.

public class Log {
// ....
private static String
__logClass=System.getProperty("org.mortbay.log.class","org.mortbay.log.Slf4jLog");
private static boolean __verbose =
System.getProperty("VERBOSE",null)!=null;
private static boolean __ignored =
System.getProperty("IGNORED",null)!=null;
// ...

Is there any chance in setting those up in a static initializer block to
allow for simplifying permissions?

AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
public Boolean run()

{ __logClass = System.getProperty("org.mortbay.log.class","org.mortbay.log.Slf4jLog"); __verbose = System.getProperty("VERBOSE",null)!=null; __ignored = System.getProperty("IGNORED",null)!=null; return true; }

});

Activity

Ascending order - Click to sort in descending order

Hide

Permalink

Greg Wilkins added a comment - 24/Jan/09 4:49 PM

Can you look at this one, as I think it might dove tail with some other tasks coming your way.

Show

Greg Wilkins added a comment - 24/Jan/09 4:49 PM Can you look at this one, as I think it might dove tail with some other tasks coming your way.

Hide

Permalink

Jesse McConnell added a comment - 27/Jan/09 4:49 PM

looks good to me, added to branch and trunk..

Show

Jesse McConnell added a comment - 27/Jan/09 4:49 PM looks good to me, added to branch and trunk..

People

Assignee:

Jesse McConnell

Reporter:

Paul Hammant

Vote (0)

Watch (0)

Dates

Created:

20/Aug/08 11:43 AM

Updated:

20/Apr/09 1:07 AM

Resolved:

27/Jan/09 4:49 PM