HHH-15411 Introduce an system property to fully disable Hibernate's use of a system SecurityManager

Sanne Grinovero 2022-07-21 11:08:08 +01:00 committed by Sanne Grinovero
parent deb2c52ab4
commit 697cfea170
7 changed files with 48 additions and 10 deletions


@ -27,6 +27,7 @@ import org.hibernate.HibernateException;
import org.hibernate.bytecode.enhance.spi.EnhancerConstants;
import org.hibernate.bytecode.spi.BasicProxyFactory;
import org.hibernate.internal.CoreMessageLogger;
import org.hibernate.internal.util.securitymanager.SystemSecurityManager;
import org.hibernate.proxy.ProxyConfiguration;
import org.hibernate.proxy.ProxyFactory;
@ -82,7 +83,7 @@ public final class ByteBuddyState {
this.proxyCache = new TypeCache( TypeCache.Sort.WEAK );
this.basicProxyCache = new TypeCache( TypeCache.Sort.WEAK );
if ( System.getSecurityManager() != null ) {
if ( SystemSecurityManager.isSecurityManagerEnabled() ) {
this.classRewriter = new SecurityManagerClassRewriter();
}
else {
@ -276,7 +277,7 @@ public final class ByteBuddyState {
}
};
this.delegateToInterceptorDispatcherMethodDelegation = System.getSecurityManager() != null
this.delegateToInterceptorDispatcherMethodDelegation = SystemSecurityManager.isSecurityManagerEnabled()
? AccessController.doPrivileged( delegateToInterceptorDispatcherMethodDelegationPrivilegedAction )
: delegateToInterceptorDispatcherMethodDelegationPrivilegedAction.run();
@ -290,7 +291,7 @@ public final class ByteBuddyState {
}
};
this.interceptorFieldAccessor = System.getSecurityManager() != null
this.interceptorFieldAccessor = SystemSecurityManager.isSecurityManagerEnabled()
? AccessController.doPrivileged( interceptorFieldAccessorPrivilegedAction )
: interceptorFieldAccessorPrivilegedAction.run();
}


@ -16,6 +16,7 @@ import java.util.function.Function;
import java.util.stream.Stream;
import org.hibernate.HibernateException;
import org.hibernate.internal.util.securitymanager.SystemSecurityManager;
/**
* This dispatcher analyzes the stack frames to detect if a particular call should be authorized.
@ -85,7 +86,7 @@ public class HibernateMethodLookupDispatcher {
throw new SecurityException( "Unauthorized call by class " + callerClass );
}
return System.getSecurityManager() != null ? AccessController.doPrivileged( privilegedAction ) :
return SystemSecurityManager.isSecurityManagerEnabled() ? AccessController.doPrivileged( privilegedAction ) :
privilegedAction.run();
}
@ -133,13 +134,13 @@ public class HibernateMethodLookupDispatcher {
}
};
GET_CALLER_STACK_ACTION = System.getSecurityManager() != null
GET_CALLER_STACK_ACTION = SystemSecurityManager.isSecurityManagerEnabled()
? AccessController.doPrivileged( initializeGetCallerStackAction )
: initializeGetCallerStackAction.run();
}
private static Class<?> getCallerClass() {
Class<?>[] stackTrace = System.getSecurityManager() != null
Class<?>[] stackTrace = SystemSecurityManager.isSecurityManagerEnabled()
? AccessController.doPrivileged( GET_CALLER_STACK_ACTION )
: GET_CALLER_STACK_ACTION.run();


@ -0,0 +1,32 @@
/*
* Hibernate, Relational Persistence for Idiomatic Java
*
* License: GNU Lesser General Public License (LGPL), version 2.1 or later.
* See the lgpl.txt file in the root directory or <http://www.gnu.org/licenses/lgpl-2.1.html>.
*/
package org.hibernate.internal.util.securitymanager;
/**
* Encapsulates access to {@link System#getSecurityManager()},
* in preparation of it being phased out by the JDK.
*
* Since JDK 17 the security manager can be disabled by setting
* the system property {@code java.security.manager} to {@code disallow};
* to prepare for this we also offer the option of setting
* {@code org.hibernate.internal.util.securitymanager.FULLY_DISABLE} to {@code true}
* to have the same effect, although limited to the Hibernate ORM code.
*/
public final class SystemSecurityManager {
public static final String FULLY_DISABLE_PROP_NAME = "org.hibernate.internal.util.securitymanager.FULLY_DISABLE";
private static final boolean disabledForced = Boolean.getBoolean( FULLY_DISABLE_PROP_NAME );
private static final boolean SM_IS_ENABLED = (!disabledForced) && (System.getSecurityManager() != null );
public static boolean isSecurityManagerEnabled() {
return SM_IS_ENABLED;
}
//N.B. do not expose a "doPrivileged" helper as that would introduce a security problem
}
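Review bot: `SM_IS_ENABLED` is computed once, when `SystemSecurityManager` is initialised, so both the `FULLY_DISABLE` property and the presence of a security manager are frozen at that moment, whereas several of the converted call sites (for example `getCallerClass()` in `HibernateMethodLookupDispatcher`) previously called `System.getSecurityManager()` on each invocation. A security manager installed through `System.setSecurityManager()` after this class has loaded would never be seen, and those call sites would run their actions without `AccessController.doPrivileged`; permission checks would presumably then cover the whole call stack and fail rather than widen access, but that should be confirmed and stated. I would add a sentence to the class Javadoc such as `The value is read once at class initialisation: set the property on the JVM command line; a SecurityManager installed later is not detected.` As a style point, `disabledForced` is a static final constant and would read better as `DISABLED_FORCED` next to `SM_IS_ENABLED`, and the class has no private constructor although it only holds static members.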


@ -27,6 +27,7 @@ import org.hibernate.bytecode.enhance.spi.interceptor.LazyAttributeLoadingInterc
import org.hibernate.collection.spi.PersistentCollection;
import org.hibernate.engine.spi.PersistentAttributeInterceptable;
import org.hibernate.internal.util.ReflectHelper;
import org.hibernate.internal.util.securitymanager.SystemSecurityManager;
import org.hibernate.proxy.HibernateProxy;
import org.hibernate.proxy.LazyInitializer;
@ -378,7 +379,7 @@ public final class PersistenceUtilHelper {
return new NoSuchAttributeAccess( specifiedClass, attributeName );
}
};
return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
return SystemSecurityManager.isSecurityManagerEnabled() ? AccessController.doPrivileged( action ) : action.run();
}
}


@ -17,6 +17,7 @@ import org.hibernate.engine.spi.SharedSessionContractImplementor;
import org.hibernate.internal.CoreMessageLogger;
import org.hibernate.internal.util.ReflectHelper;
import org.hibernate.internal.util.collections.ArrayHelper;
import org.hibernate.internal.util.securitymanager.SystemSecurityManager;
import org.hibernate.proxy.HibernateProxy;
import org.hibernate.proxy.ProxyConfiguration;
import org.hibernate.proxy.ProxyFactory;
@ -119,7 +120,7 @@ public class ByteBuddyProxyFactory implements ProxyFactory, Serializable {
}
};
return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
return SystemSecurityManager.isSecurityManagerEnabled() ? AccessController.doPrivileged( action ) : action.run();
}
}


@ -16,6 +16,7 @@ import org.hibernate.envers.exception.AuditException;
import org.hibernate.envers.internal.entities.PropertyData;
import org.hibernate.envers.internal.tools.ReflectionTools;
import org.hibernate.internal.util.ReflectHelper;
import org.hibernate.internal.util.securitymanager.SystemSecurityManager;
import org.hibernate.property.access.spi.Getter;
import org.hibernate.property.access.spi.Setter;
import org.hibernate.service.ServiceRegistry;
@ -35,7 +36,7 @@ public abstract class AbstractMapper {
* @return the result of the privileged call, may be {@literal null}
*/
protected <T> T doPrivileged(Supplier<T> block) {
if ( System.getSecurityManager() != null ) {
if ( SystemSecurityManager.isSecurityManagerEnabled() ) {
return AccessController.doPrivileged( (PrivilegedAction<T>) block::get );
}
else {
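Review bot: The `protected <T> T doPrivileged(Supplier<T> block)` helper touched here is the kind of generic wrapper that the new `SystemSecurityManager` warns against with `//N.B. do not expose a "doPrivileged" helper`, and the commit leaves that tension undocumented. Because `AbstractMapper` is abstract and the method is protected, any subclass can hand an arbitrary supplier to a privileged block; whether that matters depends on who is able to subclass it, which is not visible in this hunk. I would add a line to the method's Javadoc such as `Internal use only: pass only suppliers defined in Envers itself, never one received from a caller.` The same applies to `AbstractCollectionInitializor.doPrivileged` in the last file section, and both method bodies continue past the end of their hunks.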


@ -20,6 +20,7 @@ import org.hibernate.envers.internal.entities.EntityInstantiator;
import org.hibernate.envers.internal.entities.mapper.relation.query.RelationQueryGenerator;
import org.hibernate.envers.internal.reader.AuditReaderImplementor;
import org.hibernate.internal.util.ReflectHelper;
import org.hibernate.internal.util.securitymanager.SystemSecurityManager;
/**
* Initializes a persistent collection.
@ -74,7 +75,7 @@ public abstract class AbstractCollectionInitializor<T> implements Initializor<T>
* @return the result of the privileged call, may be {@literal null}
*/
protected <R> R doPrivileged(Supplier<R> block) {
if ( System.getSecurityManager() != null ) {
if ( SystemSecurityManager.isSecurityManagerEnabled() ) {
return AccessController.doPrivileged( (PrivilegedAction<R>) block::get );
}
else {