Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8036559

Attach API does not allow root to connect to process owned by others

XMLWordPrintable

    • x86
    • linux

      FULL PRODUCT VERSION :
      java version "1.7.0_45"
      Java(TM) SE Runtime Environment (build 1.7.0_45-b18)
      Java HotSpot(TM) 64-Bit Server VM (build 24.45-b08, mixed mode)

      ADDITIONAL OS VERSION INFORMATION :
      Linux 2.6.32-358.14.1.el6.x86_64 #1 SMP Mon Jun 17 15:54:20 EDT 2013 x86_64 x86_64 x86_64 GNU/Linux

      A DESCRIPTION OF THE PROBLEM :
      If you use root credentials and attach to a JVM runs by the user on the same machine, it will failed to connect with a error message and on the target process a Thread dump will be generated.

      We would expect that on unix, root should be able to attach and monitor all other process within the system even though it is not owned by root


      STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
      1) Login as root onto a linux machine
      2) Compile this example in the Core Java Tech Tips:
      https://blogs.oracle.com/CoreJavaTechTips/entry/the_attach_api
      3) Login as another user, run a java process and obtain it's pid.
      4) switch back to root, run java -cp jdk/lib/tools.jar:. Threads <target pid>





      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      On the connecting side we should expect output like this:
      JMX server connection timeout 18 / TIMED_WAITING
      RMI Scheduler(0) / TIMED_WAITING
      RMI TCP Connection(1)-192.168.0.101 / RUNNABLE
      RMI TCP Accept-0 / RUNNABLE
      DestroyJavaVM / RUNNABLE
      AWT-EventQueue-0 / WAITING
      AWT-Windows / RUNNABLE
      AWT-Shutdown / WAITING
      Java2D Disposer / WAITING
      Attach Listener / RUNNABLE
      Signal Dispatcher / RUNNABLE
      Finalizer / WAITING
      Reference Handler / WAITING

      The target JVM should not generate a thread dump and continue normally
      ACTUAL -
      You will see the following message from the tools side:
      Exception in thread "main" com.sun.tools.attach.AttachNotSupportedException: Unable to open socket file: target process not responding or HotSpot VM not loaded
              at sun.tools.attach.LinuxVirtualMachine.<init>(LinuxVirtualMachine.java:106)
              at sun.tools.attach.LinuxAttachProvider.attachVirtualMachine(LinuxAttachProvider.java:63)
              at com.sun.tools.attach.VirtualMachine.attach(VirtualMachine.java:213)
              at Threads.main(Threads.java:15)

      On the target JVM a thread dump will be generated even though we have not request it.

      REPRODUCIBILITY :
      This bug can be reproduced always.

      ---------- BEGIN SOURCE ----------
      (From https://blogs.oracle.com/CoreJavaTechTips/entry/the_attach_api)
      import java.lang.management.*;
      import java.io.*;
      import java.util.*;
      import javax.management.*;
      import javax.management.remote.*;
      import com.sun.tools.attach.*;

      public class Threads {

        public static void main(String args[]) throws Exception {
          if (args.length != 1) {
            System.err.println("Please provide process id");
            System.exit(-1);
          }
          VirtualMachine vm = VirtualMachine.attach(args[0]);
          String connectorAddr = vm.getAgentProperties().getProperty(
            "com.sun.management.jmxremote.localConnectorAddress");
          if (connectorAddr == null) {
            String agent = vm.getSystemProperties().getProperty(
              "java.home")+File.separator+"lib"+File.separator+
              "management-agent.jar";
            vm.loadAgent(agent);
            connectorAddr = vm.getAgentProperties().getProperty(
              "com.sun.management.jmxremote.localConnectorAddress");
          }
          JMXServiceURL serviceURL = new JMXServiceURL(connectorAddr);
          JMXConnector connector = JMXConnectorFactory.connect(serviceURL);
          MBeanServerConnection mbsc = connector.getMBeanServerConnection();
          ObjectName objName = new ObjectName(
            ManagementFactory.THREAD_MXBEAN_NAME);
          Set<ObjectName> mbeans = mbsc.queryNames(objName, null);
          for (ObjectName name: mbeans) {
            ThreadMXBean threadBean;
            threadBean = ManagementFactory.newPlatformMXBeanProxy(
              mbsc, name.toString(), ThreadMXBean.class);
            long threadIds[] = threadBean.getAllThreadIds();
            for (long threadId: threadIds) {
              ThreadInfo threadInfo = threadBean.getThreadInfo(threadId);
              System.out.println (threadInfo.getThreadName() + " / " +
                  threadInfo.getThreadState());
            }
          }
        }
      }
      ---------- END SOURCE ----------

      CUSTOMER SUBMITTED WORKAROUND :
      Run the connecting process as the same user id.

        1. hotspot-attach-root.patch
          1 kB
          Jaroslav Bachorík
        2. jdk-attach-root.patch
          1 kB
          Jaroslav Bachorík

            Unassigned Unassigned
            webbuggrp Webbug Group
            Votes:
            0 Vote for this issue
            Watchers:
            10 Start watching this issue

              Created:
              Updated:
              Resolved: