From 6df0d9abe2e4fad64db7d4361443655462e2a4fc Mon Sep 17 00:00:00 2001 From: Jacobus Martinus Kruithof Date: Mon, 14 Mar 2005 20:09:54 +0000 Subject: [PATCH] PR: 33361 In ant 1.7 the security manager will, unless explicitly created to allow System.exit veto a System.exit. This allows ant to continue its run when a java program started via the java tasks in nonforked mode without failonerror set calls System.exit. For java tasks in forked mode nothing changes. For java tasks with failonerror set this was already the existing behaviour. git-svn-id: https://svn.apache.org/repos/asf/ant/core/trunk@277964 13f79535-47bb-0310-9956-ffa450edef68 --- WHATSNEW | 5 +++++ docs/manual/CoreTasks/java.html | 11 +++++++---- src/main/org/apache/tools/ant/taskdefs/Java.java | 6 +++--- 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/WHATSNEW b/WHATSNEW index 2f5f8b8ba..7d95d12c9 100644 --- a/WHATSNEW +++ b/WHATSNEW @@ -27,6 +27,11 @@ Changes that could break older environments: volumes can still be specified without an intervening separator. UNC pathnames on Windows must include a server and share name, i.e. "\\a\b" to be considered valid absolute paths. + +* The now as per default installs a security manager + using the default permissions. This is now independent of the + failonerror attribute. + Bugzilla report 33361. Fixed bugs: ----------- diff --git a/docs/manual/CoreTasks/java.html b/docs/manual/CoreTasks/java.html index 7f6d85ffb..7d2b4ed1b 100644 --- a/docs/manual/CoreTasks/java.html +++ b/docs/manual/CoreTasks/java.html @@ -239,10 +239,13 @@ see permissions

When the permission RuntimePermission exitVM has not been granted (or has been revoked) the System.exit() call will be intercepted and treated like indicated in failonerror.

-

Note: -if you specify failonerror="true" and you do not specify permissions, -a set of default permissions will be added to your Java invocation to make sure that -a non-zero return code will lead to a BuildException. +

Note:
+If you do not specify permissions, +a set of default permissions will be added to your Java invocation to make +sure that the ant run will continue or terminated as indicated by +failonerror. All permissions not granted per default will be +checked by whatever security manager was already in place. exitVM will be +disallowed.

Settings will be ignored if fork is enabled.

diff --git a/src/main/org/apache/tools/ant/taskdefs/Java.java b/src/main/org/apache/tools/ant/taskdefs/Java.java index 903fa3035..11081426d 100644 --- a/src/main/org/apache/tools/ant/taskdefs/Java.java +++ b/src/main/org/apache/tools/ant/taskdefs/Java.java @@ -36,7 +36,6 @@ import org.apache.tools.ant.types.Assertions; import org.apache.tools.ant.types.Permissions; import org.apache.tools.ant.types.RedirectorElement; import org.apache.tools.ant.taskdefs.condition.Os; -import org.apache.tools.ant.util.JavaEnvUtils; import org.apache.tools.ant.util.KeepAliveInputStream; /** @@ -117,7 +116,8 @@ public class Java extends Task { * Do the execution and return a return code. * * @return the return code from the execute java class if it was - * executed in a separate VM (fork = "yes"). + * executed in a separate VM (fork = "yes") or a security manager was + * installed that prohibits ExitVM (default). * * @throws BuildException if required parameters are missing. */ @@ -168,7 +168,7 @@ public class Java extends Task { log("bootclasspath ignored when same JVM is used.", Project.MSG_WARN); } - if (perm == null && failOnError) { + if (perm == null) { perm = new Permissions(true); log("running " + this.cmdl.getClassname() + " with default permissions (exit forbidden)", Project.MSG_VERBOSE);