[Git][java-team/libnb-platform-java][master] 3 commits: * d/p/allow-security-manager.patch: cherry-pick upstream patch to
Tony Mancill (@tmancill)
gitlab at salsa.debian.org
Wed Apr 24 05:11:03 BST 2024
Tony Mancill pushed to branch master at Debian Java Maintainers / libnb-platform-java
Commits:
66eab061 by Vladimir Petko at 2024-04-15T18:51:30+12:00
* d/p/allow-security-manager.patch: cherry-pick upstream patch to
allow setting Java Security Manager (Closes: #1069015).
- - - - -
29b12c4f by Vladimir Petko at 2024-04-15T18:51:35+12:00
changelog
- - - - -
e4aa474d by Tony Mancill at 2024-04-24T04:10:55+00:00
Merge branch 'security-manager' into 'master'
Java 21: cherry-pick upstream patch to allow setting security manager
See merge request java-team/libnb-platform-java!1
- - - - -
3 changed files:
- debian/changelog
- + debian/patches/allow-security-manager.patch
- debian/patches/series
Changes:
=====================================
debian/changelog
=====================================
@@ -1,3 +1,10 @@
+libnb-platform18-java (12.1-3) UNRELEASED; urgency=medium
+
+ * d/p/allow-security-manager.patch: cherry-pick upstream patch to
+ allow setting Java Security Manager (Closes: #1069015).
+
+ -- Vladimir Petko <vladimir.petko at canonical.com> Mon, 15 Apr 2024 17:24:38 +1200
+
libnb-platform18-java (12.1-2) unstable; urgency=medium
* Upload to unstable.
=====================================
debian/patches/allow-security-manager.patch
=====================================
@@ -0,0 +1,226 @@
+Description: A prototype of allowing SecurityManager.
+ Java 21 disables setting security manager without
+ -Djava.security.manager property set.
+ Set the property to allow Netbeans platform to manipulate
+ SecurityManager.
+Author: Jan Lahoda <jlahoda at netbeans.org>
+Origin: https://github.com/apache/netbeans/commit/4c9d9492f70b09aaeae2b8b10fc26ae29433d667
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/libnb-platform18-java/+bug/2061363
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069015
+Forwarded: not-needed
+Last-Update: 2024-04-15
+---
+ .../org/netbeans/core/netigso/Netigso.java | 1 +
+ platform/o.n.bootstrap/launcher/unix/nbexec | 2 +-
+ platform/o.n.bootstrap/src/allow.java | 188 ++++++++++++++++++
+ 3 files changed, 190 insertions(+), 1 deletion(-)
+ create mode 100644 platform/o.n.bootstrap/src/allow.java
+
+--- a/platform/core.netigso/src/org/netbeans/core/netigso/Netigso.java
++++ b/platform/core.netigso/src/org/netbeans/core/netigso/Netigso.java
+@@ -142,6 +142,7 @@
+ }
+ framework = frameworkFactory.newFramework(configMap);
+ try {
++ System.clearProperty("java.security.manager");
+ framework.init();
+ NetigsoServices ns = new NetigsoServices(this, framework);
+ } catch (BundleException ex) {
+--- a/platform/o.n.bootstrap/launcher/unix/nbexec
++++ b/platform/o.n.bootstrap/launcher/unix/nbexec
+@@ -189,7 +189,7 @@
+ # rename old heap dump to .old
+ mv "${userdir}/var/log/heapdump.hprof" "${userdir}/var/log/heapdump.hprof.old" > /dev/null 2>&1
+
+-jargs_without_clusters="$jargs"
++jargs_without_clusters="$jargs -Djava.security.manager=allow"
+ jargs="-Dnetbeans.dirs=\"${clusters}\" $jargs_without_clusters"
+
+ if [ -z "$cachedirspecified" ]; then
+--- /dev/null
++++ b/platform/o.n.bootstrap/src/allow.java
+@@ -0,0 +1,184 @@
++/*
++ * Licensed to the Apache Software Foundation (ASF) under one
++ * or more contributor license agreements. See the NOTICE file
++ * distributed with this work for additional information
++ * regarding copyright ownership. The ASF licenses this file
++ * to you under the Apache License, Version 2.0 (the
++ * "License"); you may not use this file except in compliance
++ * with the License. You may obtain a copy of the License at
++ *
++ * http://www.apache.org/licenses/LICENSE-2.0
++ *
++ * Unless required by applicable law or agreed to in writing,
++ * software distributed under the License is distributed on an
++ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
++ * KIND, either express or implied. See the License for the
++ * specific language governing permissions and limitations
++ * under the License.
++ */
++
++import java.io.FileDescriptor;
++import java.net.InetAddress;
++import java.security.Permission;
++
++/**
++ *
++ */
++public class allow extends SecurityManager {
++
++ @Override
++ public void checkAccept(String host, int port) {
++ uninstall();
++ }
++
++ @Override
++ public void checkAccess(Thread t) {
++ uninstall();
++ }
++
++ @Override
++ public void checkAccess(ThreadGroup g) {
++ uninstall();
++ }
++
++ public void checkAwtEventQueueAccess() {
++ uninstall();
++ }
++
++ @Override
++ public void checkConnect(String host, int port) {
++ uninstall();
++ }
++
++ @Override
++ public void checkConnect(String host, int port, Object context) {
++ uninstall();
++ }
++
++ @Override
++ public void checkCreateClassLoader() {
++ uninstall();
++ }
++
++ @Override
++ public void checkDelete(String file) {
++ uninstall();
++ }
++
++ @Override
++ public void checkExec(String cmd) {
++ uninstall();
++ }
++
++ @Override
++ public void checkExit(int status) {
++ uninstall();
++ }
++
++ @Override
++ public void checkLink(String lib) {
++ uninstall();
++ }
++
++ @Override
++ public void checkListen(int port) {
++ uninstall();
++ }
++
++ public void checkMemberAccess(Class<?> clazz, int which) {
++ uninstall();
++ }
++
++ @Override
++ public void checkMulticast(InetAddress maddr) {
++ uninstall();
++ }
++
++ @Override
++ public void checkMulticast(InetAddress maddr, byte ttl) {
++ uninstall();
++ }
++
++ @Override
++ public void checkPackageAccess(String pkg) {
++ uninstall();
++ }
++
++ @Override
++ public void checkPackageDefinition(String pkg) {
++ uninstall();
++ }
++
++ @Override
++ public void checkPermission(Permission perm) {
++ uninstall();
++ }
++
++ @Override
++ public void checkPermission(Permission perm, Object context) {
++ uninstall();
++ }
++
++ @Override
++ public void checkPrintJobAccess() {
++ uninstall();
++ }
++
++ @Override
++ public void checkPropertiesAccess() {
++ uninstall();
++ }
++
++ @Override
++ public void checkPropertyAccess(String key) {
++ uninstall();
++ }
++
++ @Override
++ public void checkRead(FileDescriptor fd) {
++ uninstall();
++ }
++
++ @Override
++ public void checkRead(String file) {
++ uninstall();
++ }
++
++ @Override
++ public void checkRead(String file, Object context) {
++ uninstall();
++ }
++
++ @Override
++ public void checkSecurityAccess(String target) {
++ uninstall();
++ }
++
++ @Override
++ public void checkSetFactory() {
++ uninstall();
++ }
++
++ public void checkSystemClipboardAccess() {
++ uninstall();
++ }
++
++ public boolean checkTopLevelWindow(Object window) {
++ uninstall();
++ return true;
++ }
++
++ @Override
++ public void checkWrite(FileDescriptor fd) {
++ uninstall();
++ }
++
++ @Override
++ public void checkWrite(String file) {
++ uninstall();
++ }
++
++ private void uninstall() {
++ System.setSecurityManager(null);
++ }
++}
=====================================
debian/patches/series
=====================================
@@ -19,3 +19,4 @@ netbeans-meta_netbeansrelease.patch
platform-libs.batik.read.patch
platform-libs.flatlaf.patch
netbeans-apisupport.harness.patch
+allow-security-manager.patch
View it on GitLab: https://salsa.debian.org/java-team/libnb-platform-java/-/compare/6bedf59c2a7682ef678ec63ca6184c6dfc419449...e4aa474dc6d9b5629ca4f158f792c2eac01a6d8c
--
View it on GitLab: https://salsa.debian.org/java-team/libnb-platform-java/-/compare/6bedf59c2a7682ef678ec63ca6184c6dfc419449...e4aa474dc6d9b5629ca4f158f792c2eac01a6d8c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-java-commits/attachments/20240424/d9cf9c08/attachment.htm>
More information about the pkg-java-commits
mailing list