System.exit(0); or
System.exit(2);

are possible to execute without error, run with

java -Djava.security.manager -Djava.security.policy==app.policy -cp bin pl.com.App

app.policy:

grant {
      permission java.io.FilePermission "./*", "read,write";
      permission java.net.SocketPermission "localhost:18080", "accept, connect, listen";
      //permission java.util.PropertyPermission "java.home", "read";
};

The security manager for writing to a file is working correctly: when I remove the grant from app.policy, I correctly get an Exception when I execute new FileWriter("out.txt");

C:\workspace_tomcat\secureWeb>java -version

java version "1.6.0_29"
Java(TM) SE Runtime Environment (build 1.6.0_29-b11)
Java HotSpot(TM) 64-Bit Server VM (build 20.4-b02, mixed mode)

When I run System.exit(0); in a webapp under Tomcat with a security manager, I correctly get an exception.

John Saunders
bastiat
  • Could you please state your question? – Alex Turbin Apr 06 '13 at 18:30
  • Why is it possible to execute System.exit(0) without an exception when running under a security manager without the appropriate grant (permission java.lang.RuntimePermission "exitVM.0")? – bastiat Apr 07 '13 at 10:02

1 Answer

Javadoc states (http://docs.oracle.com/javase/7/docs/technotes/guides/security/permissions.html):

Note: The "exitVM.*" permission is automatically granted to all code loaded from the application class path, thus enabling applications to terminate themselves

This applies when you run your code as an independent application. The same applies to Tomcat - it may shut itself down. BUT this is not expanded to programs run within the Tomcat container. These programs are fully controlled by the Tomcat security manager: (http://tomcat.apache.org/tomcat-7.0-doc/security-manager-howto.html)

Alex Turbin
  • Alex, thx for help, I was (mis)suggested by http://docs.oracle.com/javase/6/docs/api/java/lang/SecurityManager.html#checkExit%28int%29 – bastiat Apr 07 '13 at 21:54
  • I must excuse myself, I wasn't so lazy and even I have read myself above javadoc, but for java 6 (which I use), and it states only: This allows an attacker to mount a denial-of-service attack by automatically forcing the virtual machine to halt. http://docs.oracle.com/javase/6/docs/technotes/guides/security/permissions.html – bastiat Apr 07 '13 at 22:02
  • Alex, in topic of securitymanager, could you also see http://stackoverflow.com/questions/15868534/why-security-manager-doesnt-forbid-neither-creating-new-thread-nor-starting-i , thx in advance – bastiat Apr 07 '13 at 22:21
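
Added example, not part of the original question or answer: because "exitVM.*" is granted by the class loader to class-path code, removing grants from app.policy cannot take it away, so a standalone application that must not terminate itself needs a SecurityManager subclass that overrides checkExit. The class name NoExitSecurityManager is hypothetical, and the code assumes a JDK on which the Security Manager is still available, such as the Java 6 runtime shown in the question.

```java
package pl.com;

import java.io.FileWriter;
import java.io.IOException;

// Hypothetical class name; not code from the original post.
// Run either without -Djava.security.manager (main() installs this manager) or with
//   java -Djava.security.manager=pl.com.NoExitSecurityManager \
//        -Djava.security.policy==app.policy -cp bin pl.com.NoExitSecurityManager
public class NoExitSecurityManager extends SecurityManager {

    // System.exit() and Runtime.halt() both call checkExit() first. Throwing here
    // denies termination regardless of what the class loader or the policy grants.
    @Override
    public void checkExit(int status) {
        throw new SecurityException("exit(" + status + ") denied by NoExitSecurityManager");
    }
    // Every other check is inherited, so app.policy still governs files and sockets.

    public static void main(String[] args) {
        if (System.getSecurityManager() == null) {
            System.setSecurityManager(new NoExitSecurityManager());
        }

        // With the default manager this call would end the JVM with status 2.
        try {
            System.exit(2);
        } catch (SecurityException e) {
            System.out.println("exit blocked: " + e.getMessage());
        }

        // The file check is unchanged: allowed with the FilePermission grant from
        // app.policy, denied once that grant is removed.
        try {
            FileWriter writer = new FileWriter("out.txt");
            writer.close();
            System.out.println("file write allowed by policy");
        } catch (SecurityException e) {
            System.out.println("file write denied by policy: " + e.getMessage());
        } catch (IOException e) {
            System.out.println("I/O error: " + e.getMessage());
        }
    }
}
```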