This is version . It is not the current version, and thus it cannot be edited.
[Back to current version]   [Restore this version]
TitleCode signing is unnecessary
Date25-Feb-2006 01:04:17 EET
Bug criticalityLightBug
Browser version
Bug statusNotReallyBug
PageProvider used
Servlet ContainerTomcat 5.5
Operating SystemWin32, Linux
Java version5.0

JSPWiki uses jspwiki.policy entries like ({) grant signedBy "jspwiki" principal com.ecyrd.jspwiki.auth.authorize.Role "Asserted" (})

The signedBy is unnecessary, it suffices to grant to principals.

I deleted all signedBy "jspwiki", the security code still works. I tested Sun JDK 5.0 with XP and Linux.

The signing makes development unnecessarily difficult.

This is not a bug, because code-signing is needed to support certain deployment scenarios. This is perhaps a slight impediment to development, but I think we've done the best we can to make code-signing easy. The Ant scripts will auto-generate a key for you (with sensible defaults) whenever you build JSPWiki from scratch. So I think the comment "unnecessarily difficult" is a little harsh.

As for why we need to do code-signing, it's NOT necessary in the default case where you drop a WAR into a servlet container and use JSPWiki as a single, stand-alone wiki. But for multi-wiki deployments in the same container, or for those cases where the implementer wishes to specify an external security policy file, then we need our code to be signed. Specifically, it has to do with the way Permission classes are loaded and evaluated by the Java access control classes. JSPWiki makes extensive use of custom Permission types (PagePermission, WikiPermission and AllPermission).

Here's an excerpt from the definitive book, Inside Java 2 Platform Security, 2nd Edition, by Li Gong, that explains why this is so:

Many Permission classes referenced by the policy configuration exist locally. That is, those classes can be discovered by the Policy provider's defining class loader or another loader it delegates to, such as the bootstrap class loader. Objects for such permissions can be instantiated during Policy initialization. For example, it is always possible to instantiate a, as the FilePermission class is bound on the bootstrap class path.

However, [it is possible that] when the Policy object is constructed, the code that implements a particular Permission class has yet to be loaded or is not available for loading. For example, a referenced Permission class might be in a JAR file that will eventually be downloaded. In this case, the Permission has yet to be defined within the Java runtime environment. For such a class, an UnresolvedPermission object is instantiated instead, as a placeholder that contains information about the permission... Unresolved permissions of a particular type must be resolved before an access control decision can be made about a permission of the actual type... To resolve an UnresolvedPermission, the policy decision point must locate and instantiate the appropriate permission class type...

A few methods... in the UnresolvedPermission class are

public UnresolvedPermission(String type, String name, 
String actions, certs[]);

public boolean implies(Permission p);

public boolean equals(Object obj); 

Note that the constructor takes an array of certificates, which can be used to verify the signatures on the permission class. Remember that UnresolvedPermissions enable the deferred loading of permission classes so that a given permission class need not be defined until necessary. The very nature of such permission classes suggests that a more rigorous mechanism is required to ensure their authenticity. By signing a given permission class and specifying the signing requirement in the security policy, we have a foundation that can be used to assure us that the permission class respects the intentions of the root class and that the implementation is not malicious. Of course, this assurance depends on the trust conveyed by the signature keys used to sign the class. However, without this mechanism, it would be up to the application to make this trust decision, which would be difficult, if not impossible, for the application to do. [emphasis mine]

Thus -- the logic works like this...

If the classes containing our custom permissions are all loaded before the Policy is set, then we don't need to sign them. For stand-alone, out-of-the-box JSPWiki implementations that do not also specify an external policy file via the system property at startup, all classes will be loaded before JSPWiki sets its custom policy.

However, it is not safe to assume that all environments work this way. In some (mine, for instance), the admin will wish to set the policy file manually. In this case, the JSPWiki Permission classes will not be available to the Java Policy object at JVM startup. Thus, they are instantiated initially as UnresolvedPermission instances. Therefore, we must have our JAR signed in order for them to become "resolved."

P.S. Li Gong's book is outstanding, by the way, and I recommend it to anyone who wishes to explore the innards of Java security. Took me several read-throughs to really grok it, but it was well worth the effort.

-- Andrew Jaquith, 29 March 2006 ken park dvd uncensored kawasaki portable dvd player kawasaki 9inch dvd pvs10921 kacey dvd jvc dvd players jvc dvd mp3 jvc combo dvd vcr joueurs portatifs initiaux de dvd en vente joueur libre de logiciel de dvd joueur de dvd de l audiovox d1800 portatif joueur de dvd d orbite john doe the series dvd johannes weidenmueller dvd jeu de secours ps2 r de dvd japanese cooking dvd janq dvd discs izakaya yuurei dvd itunes to dvd ionics ems dvd drive interviews with bob dvd international on98p dvd player internal dvd drive internal dvd burner instruction manual for ch dvd 320 install osx tiger without dvd drive install configure dvd drives inspector alleyn mysteries dvd region 2 innovatek dvd players price initial dvd dvd5820 in search of on dvd imtoo dvd to mp4 converter serial number imtoo dvd to mp4 converter keygen imtoo dvd to 3gp suite crack imtoo dvd ripper 4 imtoo dvd converter impressionen le dvd d escompte de wasser d unter imagemixer dvd authoring software if film malcom mcdowel dvd i need to convert a movie maker file to a dvd file i need to conver a movie maker file to a dvd file i love lucy dvd hp dvd 630e total life hp dvd 630e how to use windows recovery dvd how to transfer 8mm to dvd how to tell dvd rom how to rip dvd to ipod how to rip audio from a dvd how to retrieve cprx copied dvd how to record to dvd hdd freeview how to make a bootable dvd how to made dvd with menu how to install a mobile dvd system how to install a dvd drive into a xp computer how to encrypt dvd how to drag and drop dvd rw how to copy a dvd with copy protection how to convert mpg files to dvd files how to connect two tv dvd player how to connect tv dvd foxtel video together how to clean dvd heads how to change a format on a music dvd how to backup os x dvd to cd how put large files on dvd how do i copy a copy protected dvd how do i burn vhs to dvd on computer hot dvd hostel dvd at walmart hook up vcr to dvd player hook up vcr to dvd plater hong kong adult dvd hon hai precision dvd dhw 1160 homemade sex dvd home moives on dvd hogtie dvd bondage hogans heroes dvd hitachi dvd cam history channel dvd high capacity dvd holder hercules 10th anniversary dvd herbie fully loaded dvd helios dvd heavenly creatures dvd heather lere dvd heart of gold buy the dvd heart like a wheel dvd heardrest screen dvd north england headrest dvd used hd quality dvd player on laptop hd dvd player wont play hbo s the wire 3rd season on dvd harvard man dvd used harry potter and the sorcerer stone dvd harrowhouse dvd hack dvd menus with toast 7 ha dvd burner h i m dvd gymstick dvd gt pro dvd storage grey s anatomy dvd go video portable dvd player glory road dvd gia carangi the self destruction of gia dvd get smart why not on dvd get smart tv show dvd gay rimming dvd gay dvd shop graz wolfi gateway 200x dvd driver fujitsu laptop dvd drivers freeware pc dvd player freeware mpeg to dvd converter freeware dvd frame grabber freeware dvd copier free windows video to dvd converter free windows media player dvd decoder free trial adult dvd rent free selfformatting dvd copiers free r kelly porn dvd download free porn semen sippers dvd direct free music video dvd free guitat lesson video dvd free full version dvd player free ebook dvd cover creation software free dvd x copy platinum download free dvd upgrade free dvd trailers for xxx movies free dvd to avi convert free dvd search engine free dvd ripper mp3 free dvd rip hack free dvd porn free dvd plug in download free dvd player for xp free dvd player for computer free dvd movie free dvd decrypt software free dvd data reader free dvd burning programs download free dvd burner crack free dvd backup free downlaod of power dvd player free computer dvd player software freddy mercury dvd fox dvd sequel forum de xpress de copie du dvd x forum de copie du dvd 1click format avi mpg mpeg to dvd video files foreign film on dvd forced cuckold dvd forced bisexuality dvd first movie commercially released on dvd first dvd player firmware download region free hp dvd writer 400c finding home dvd final fuck x dvd fedora core dvd download father corapi dvd fastest dvd ripping program family guy uncovered dvd review family feud dvd fahrenheit game dvd image eye of the beholder dvd external dvd rw drives extended dvd explain dvd types

Add new attachment

Only authorized users are allowed to upload new attachments.
« This particular version was published on 17-Jul-2006 11:30 by