From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 7320 invoked by alias); 2 Jun 2006 11:55:38 -0000 Received: (qmail 7309 invoked by uid 22791); 2 Jun 2006 11:55:37 -0000 X-Spam-Check-By: sourceware.org Received: from gbenson.demon.co.uk (HELO gbenson.demon.co.uk) (80.177.220.214) by sourceware.org (qpsmtpd/0.31) with ESMTP; Fri, 02 Jun 2006 11:55:33 +0000 Received: from mambo.wire.rat ([192.168.1.6]) by gbenson.demon.co.uk with esmtp (Exim 3.36 #1) id 1Fm8FW-0005tj-00; Fri, 02 Jun 2006 12:55:30 +0100 Received: from mambo.wire.rat (localhost.localdomain [127.0.0.1]) by mambo.wire.rat (8.13.6/8.13.6) with ESMTP id k52BtUaF005576; Fri, 2 Jun 2006 12:55:30 +0100 Received: (from gary@localhost) by mambo.wire.rat (8.13.6/8.13.6/Submit) id k52BtTUh005575; Fri, 2 Jun 2006 12:55:29 +0100 Date: Fri, 02 Jun 2006 11:55:00 -0000 From: Gary Benson To: mauve-discuss@sources.redhat.com, classpath@gnu.org Subject: Re: SecurityException throwpoint audit Message-ID: <20060602115528.GD3558@redhat.com> Mail-Followup-To: mauve-discuss@sources.redhat.com, classpath@gnu.org References: <20060518114004.GA16538@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-IsSubscribed: yes Mailing-List: contact mauve-discuss-help@sourceware.org; run by ezmlm Precedence: bulk List-Subscribe: List-Archive: List-Post: List-Help: , Sender: mauve-discuss-owner@sourceware.org X-SW-Source: 2006-q2/txt/msg00009.txt.bz2 Hi Olli, Sorry for the slow response: I've not been too well this week. There's no driver for running just the throwpoint checks, or just the security-sensitive checks (though pretty much anything can be security-sensitive). The easiest way to do it would be I guess to tag the relevant tests with a "throwpoint" or "security" tag and use the existing tags mechanism to run them. A tag for these tests is long overdue actually. Actually, most of the tests I've written have no tags at all, which I think is wrong. Perhaps someone can enlighten me here. Expected exceptions are checked: it all happens in the the calls to sm.checkAllChecked(). And I fixed the report page -- the machine that generated them had a disk crash a week or so ago, and something got locked up somewhere. Cheers, Gary Olli Vertanen wrote: > Gary, > > Thanks for your reply! > > So throwpoint checks are in these security.java testlets under > various directories? Do you have a driver that could run just the > security tests and nothing else? If not, what would be best strategy > to implement one? > > I can try to write some tests, but your report list seems to be a > bit broken right now. I'm interested in the security manager and the > access controller. > > You seem to check unexpected exceptions (I looked at > FileInputStream/security.java) but what about checking that > expected exceptions are thrown? > > Olli > > > Hi Olli, > > > > Yeah, I'm working on it, slowly but surely. Currently the > > only information online is the automatic status page at > > http://people.redhat.com/gbenson/throwpoint-report.html. > > I have some stuff I wrote the other day for Tom Tromey > > and Anthony Green which I'm tidying up for the wiki but > > I've attached it below in case you're interested. > > > > Cheers, > > Gary > > > > ----- Forwarded message from Gary Benson ----- > > Date: Mon, 15 May 2006 16:51:31 +0100 > > From: Gary Benson > > To: Tom Tromey > > Cc: Anthony Green > > Subject: Re: question about security stuff... > > > > Hi Tom, Anthony, > > > > Most of the security work I've been doing is driven by writing > > throwpoint tests for Mauve. There's a list of every throwpoint > > at http://tinyurl.com/o2ttz and what I do is pick a class and > > write a Mauve test for it. Sometimes it's easy, other times > > whether or not a check happens is governed by some really bizarre > > logic and getting it right is a fiddle. > > > > If you want to write throwpoint tests then that'd be really > > helpful. There's a list of what's done and what's not at > > http://tinyurl.com/egrve (updated nightly) so pick something > > that's not done and have a go. Currently I'm looking at AWT: > > that, java.net and java.security are the gaping holes at the > > moment. > > > > Most of the dirty work happens in TestSecurityManager2. > > First you call its prepareChecks() to tell it what permissions > > you expect to be checked, then you call whatever should perform > > the check, and finally you call its checkAllChecked() method. > > Any unexpected checks will cause a SecurityException to be > > thrown. As well as a list of must-check permissions you can > > supply prepareChecks() with some permissions that may be checked > > (there's some cases where Sun or IBM check something incidental > > that Classpath does not) and there's also a different way of > > running checks to allow stuff like System.exit() to be tested > > without actually exiting the VM. > > > > gnu/testlet/java/io/FileInputStream/security.java is a nice > > simple one to base things on. Some stuff requires different > > classloaders or different threads and if you need that then > > look at gnu/testlet/java/lang/Thread/security.java to see what > > I mean. The "// throwpoint:" comments are for the nightly > > status page. > > > > Of course, there's always PR libgcj/13603 if you don't fancy > > throwpoint tests... > > > > Cheers, > > Gary