Flexible Blocking
This allows multiple security manager blocks and unblocks to happen without causing conflictions
This commit is contained in:
Konloch
parent
76aaf8f30f
commit
216882c58e
2 changed files with 11 additions and 11 deletions
|
|
@ -135,11 +135,11 @@ public class ExternalResources
|
|||
if(!empty)
|
||||
return Configuration.java;
|
||||
|
||||
BytecodeViewer.sm.pauseBlocking();
|
||||
|
||||
//check using python CLI flag
|
||||
try
|
||||
{
|
||||
BytecodeViewer.sm.pauseBlocking();
|
||||
|
||||
//read the version output to verify python 2
|
||||
ProcessBuilder pb = new ProcessBuilder("python", "-2", "--version");
|
||||
Process p = pb.start();
|
||||
|
|
@ -162,6 +162,8 @@ public class ExternalResources
|
|||
//check if 'python' command is bound as python 2.X
|
||||
try
|
||||
{
|
||||
BytecodeViewer.sm.pauseBlocking();
|
||||
|
||||
//read the version output to verify python 2
|
||||
ProcessBuilder pb = new ProcessBuilder("python", "--version");
|
||||
Process p = pb.start();
|
||||
|
|
|
|||
|
|
@ -32,12 +32,12 @@ import java.security.Permission;
|
|||
|
||||
public class SecurityMan extends SecurityManager
|
||||
{
|
||||
private boolean blocking = true; //might be insecure due to assholes targeting BCV
|
||||
private int blocking = 1; //might be insecure due to assholes targeting BCV
|
||||
private boolean printing = false;
|
||||
private boolean printingPackage = false;
|
||||
|
||||
public void resumeBlocking() {
|
||||
blocking = true;
|
||||
blocking++;
|
||||
}
|
||||
|
||||
public void pauseBlocking() { //slightly safer security system than just a public static boolean being toggled
|
||||
|
|
@ -55,7 +55,7 @@ public class SecurityMan extends SecurityManager
|
|||
executedClass.equals("the.bytecode.club.bytecodeviewer.BytecodeViewer") ||
|
||||
executedClass.equals("the.bytecode.club.bytecodeviewer.Constants") ||
|
||||
executedClass.equals("the.bytecode.club.bytecodeviewer.compilers.impl.JavaCompiler")) {
|
||||
blocking = false;
|
||||
blocking--;
|
||||
} else for (StackTraceElement stackTraceElements : Thread.currentThread().getStackTrace()) {
|
||||
System.out.println(stackTraceElements.getClassName());
|
||||
}
|
||||
|
|
@ -82,17 +82,15 @@ public class SecurityMan extends SecurityManager
|
|||
};
|
||||
boolean allow = false;
|
||||
|
||||
for (String s : whitelist) {
|
||||
for (String s : whitelist)
|
||||
if (cmd.contains(s)) {
|
||||
allow = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (allow && !blocking) {
|
||||
|
||||
if (allow && blocking == 0)
|
||||
System.out.println("Allowing exec: " + cmd);
|
||||
|
||||
} else throw new SecurityException("BCV is awesome, blocking(" + blocking + ") exec " + cmd);
|
||||
else throw new SecurityException("BCV is awesome, blocking(" + blocking + ") exec " + cmd);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
Loading…
Reference in a new issue