Name: mf23781 Date: 03/12/99
If an Applet attempts to stop or interrupt a Thread which it owns, (i.e. the Thread
belongs to the same ThreadGroup as the AppletClassLoader), but the Thread
has already stopped (e.g. because its run() method has terminated) then the
SecurityManager's checkAccess() method throws a SecurityException.
This regression occurs for Thread.stop() and Thread.interrupt(). It could, potentially,
occur for other Thread methods.
Why does this Regression Occur ?
--------------------------------------------------------
The SecurityException thrown during a Thread.stop() has been introduced by a
change which Sun made to this method (Sun defect: 4164156).
This change was made to close a security exposure in the original implementation.
Originally, Thread.stop() called Thread.stop(Throwable o) **THUS ADDING 1**
to the *classLoaderDepth*. 4164156 changed Thread.stop() so that it no longer called
Thread.stop(Throwable o), thus making the classLoaderDepth when it reached
the SecurityManager's checkAccess() method == 3 (rather than 4).
If a SecurityManager's checkAccess() method finds that the classLoaderDepth == 3,
then it carries on with its validation and checks if the Thread we are trying to
change belongs to the same ThreadGroup as the AppletClassLoader.
When a Thread stops then Thread.exit() sets the ThreadGroup variable "group" =
null i.e. the Thread is no longer in any ThreadGroup and any validation of the
ThreadGroup is futile.
Test Case for Thread.stop()
------------------------------------------
The Sun 1.0.2 SortDemo illustrates the problem of the Thread.stop() (someone obviously
noticed the problem in 1.1 since the 1.1 SortDemo patches over the problem by not
attempting to stop the sort Thread !).
1. Run the 1.0.2 SortDemo (e.g. run x:\jdk1.1.6\demo\SortDemo\example1.html) against
a 1.1.7 JDK.
2. Click on the three SortDemo Applets to start them sorting.
3. Wait until the SortDemo Applets have finished sorting.
4. On any of the Applet's:
Click on "Applet"
Click on "Stop"
5. This results in: sun.applet.AppletSecurityException checkaccess.thread.
Test Case for Thread.interrupt()
------------------------------------------------
As above, but change the kicker.stop() to kicker.interrupt() in the SortItem.stop()
method.
Where was this problem discovered ?
-----------------------------------------------------------
An application started getting SecurityExceptions when attempting to
interrupt or stop Threads which had already stopped.
(Review ID: 55468)
======================================================================
If an Applet attempts to stop or interrupt a Thread which it owns, (i.e. the Thread
belongs to the same ThreadGroup as the AppletClassLoader), but the Thread
has already stopped (e.g. because its run() method has terminated) then the
SecurityManager's checkAccess() method throws a SecurityException.
This regression occurs for Thread.stop() and Thread.interrupt(). It could, potentially,
occur for other Thread methods.
Why does this Regression Occur ?
--------------------------------------------------------
The SecurityException thrown during a Thread.stop() has been introduced by a
change which Sun made to this method (Sun defect: 4164156).
This change was made to close a security exposure in the original implementation.
Originally, Thread.stop() called Thread.stop(Throwable o) **THUS ADDING 1**
to the *classLoaderDepth*. 4164156 changed Thread.stop() so that it no longer called
Thread.stop(Throwable o), thus making the classLoaderDepth when it reached
the SecurityManager's checkAccess() method == 3 (rather than 4).
If a SecurityManager's checkAccess() method finds that the classLoaderDepth == 3,
then it carries on with its validation and checks if the Thread we are trying to
change belongs to the same ThreadGroup as the AppletClassLoader.
When a Thread stops then Thread.exit() sets the ThreadGroup variable "group" =
null i.e. the Thread is no longer in any ThreadGroup and any validation of the
ThreadGroup is futile.
Test Case for Thread.stop()
------------------------------------------
The Sun 1.0.2 SortDemo illustrates the problem of the Thread.stop() (someone obviously
noticed the problem in 1.1 since the 1.1 SortDemo patches over the problem by not
attempting to stop the sort Thread !).
1. Run the 1.0.2 SortDemo (e.g. run x:\jdk1.1.6\demo\SortDemo\example1.html) against
a 1.1.7 JDK.
2. Click on the three SortDemo Applets to start them sorting.
3. Wait until the SortDemo Applets have finished sorting.
4. On any of the Applet's:
Click on "Applet"
Click on "Stop"
5. This results in: sun.applet.AppletSecurityException checkaccess.thread.
Test Case for Thread.interrupt()
------------------------------------------------
As above, but change the kicker.stop() to kicker.interrupt() in the SortItem.stop()
method.
Where was this problem discovered ?
-----------------------------------------------------------
An application started getting SecurityExceptions when attempting to
interrupt or stop Threads which had already stopped.
(Review ID: 55468)
======================================================================
- duplicates
-
JDK-4254486 interrupting dead applet thread throws security exception
-
- Resolved
-