SecurityException throwpoint audit

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

SecurityException throwpoint audit

Gary Benson
Hi all,

I've been trying to work out how to test that permissions are checked
at every point they ought to be.  There's a table of every such point
here:

  http://java.sun.com/j2se/1.4.2/docs/guide/security/permissions.html#PermsAndMethods

Some of these already have tests, but most probably do not.  Before I
start creating tests I'm thinking that we need some way to correlate
mauve tests with the throwpoints on this (and future) lists.

How would people feel if I numbered the throwpoints on the above list
and noted them in their corresponding tests in some easily parsable
form (probably in comments like Tags are already).  That way whether a
throwpoint is tested (and the location of the test) can be found with
a simple grep.

For simplicity I'd probably number the 1.4.2 list from 1-whatever.
Checks added in 1.5 can be added at the end of the list.

It would be convenient if we made a version of the above list
annotated with the throwpoint numbers, but obviously such a thing
could not be distributed.  It should be possible to write a script
that would download and annotate the list for local use.

Does this sound reasonable?

Cheers,
Gary
Reply | Threaded
Open this post in threaded view
|

Re: SecurityException throwpoint audit

Gary Benson
Hi again,

I take it that nobody minds if I start doing this.  The attached
script can be used to create the annotated list of throwpoints so
you can look up IDs I add in comments or whatever.  The script
performs some MD5 checks so you can be sure you're looking at the
same page I am.

Cheers,
Gary

Gary Benson wrote:

> Hi all,
>
> I've been trying to work out how to test that permissions are
> checked at every point they ought to be.  There's a table of
> every such point here:
>
>   http://java.sun.com/j2se/1.4.2/docs/guide/security/permissions.html#PermsAndMethods
>
> Some of these already have tests, but most probably do not.  Before
> I start creating tests I'm thinking that we need some way to
> correlate mauve tests with the throwpoints on this (and future)
> lists.
>
> How would people feel if I numbered the throwpoints on the above
> list and noted them in their corresponding tests in some easily
> parsable form (probably in comments like Tags are already).  That
> way whether a throwpoint is tested (and the location of the test)
> can be found with a simple grep.
>
> For simplicity I'd probably number the 1.4.2 list from 1-whatever.
> Checks added in 1.5 can be added at the end of the list.
>
> It would be convenient if we made a version of the above list
> annotated with the throwpoint numbers, but obviously such a thing
> could not be distributed.  It should be possible to write a script
> that would download and annotate the list for local use.
>
> Does this sound reasonable?
>
> Cheers,
> Gary

get-throwpoints.py (3K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: SecurityException throwpoint audit

Mark Wielaard
In reply to this post by Gary Benson
Hi Gary,

On Mon, 2005-11-21 at 16:58 +0000, Gary Benson wrote:
> I've been trying to work out how to test that permissions are checked
> at every point they ought to be.  There's a table of every such point
> here:
>
>   http://java.sun.com/j2se/1.4.2/docs/guide/security/permissions.html#PermsAndMethods

I would not trust that list as the definite guide. I just looked for a
random method (which I was just working on for GNU Classpath)
Toolkit.getSystemSelection() and it was not listed.

> Some of these already have tests, but most probably do not.  Before I
> start creating tests I'm thinking that we need some way to correlate
> mauve tests with the throwpoints on this (and future) lists.
>
> How would people feel if I numbered the throwpoints on the above list
> and noted them in their corresponding tests in some easily parsable
> form (probably in comments like Tags are already).  That way whether a
> throwpoint is tested (and the location of the test) can be found with
> a simple grep.
>
> For simplicity I'd probably number the 1.4.2 list from 1-whatever.
> Checks added in 1.5 can be added at the end of the list.
I don't really like the numbering. I would propose to actually name the
tests with somewhat meaningful names. Something like
<PermissionClassName>_<ClassName>_<MethodName> for each Permission and
class.method() needing to check for that permission. (example:
AWTPermission_Toolkit_getSystemSelection)

Or maybe have a directory per PermissionClassName.

That is how jacks is setup. It follows the JLS, but it doesn't use the
section numbers, but logical names of the sections that the tests are
for.

Cheers,

Mark

signature.asc (196 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: SecurityException throwpoint audit

Tom Tromey
>>>>> "Mark" == Mark Wielaard <[hidden email]> writes:

Mark> I don't really like the numbering. I would propose to actually name the
Mark> tests with somewhat meaningful names.

Yeah, if there is a way to do this "stably" then I think it would be
preferable.

Tom

Reply | Threaded
Open this post in threaded view
|

Re: SecurityException throwpoint audit

Gary Benson
In reply to this post by Mark Wielaard
Mark Wielaard wrote:

> On Mon, 2005-11-21 at 16:58 +0000, Gary Benson wrote:
> > I've been trying to work out how to test that permissions are
> > checked at every point they ought to be.  There's a table of every
> > such point here:
> >
> >   http://java.sun.com/j2se/1.4.2/docs/guide/security/permissions.html#PermsAndMethods
>
> I would not trust that list as the definite guide. I just looked for
> a random method (which I was just working on for GNU Classpath)
> Toolkit.getSystemSelection() and it was not listed.

Ah, thanks for the warning.

> > How would people feel if I numbered the throwpoints on the above
> > list and noted them in their corresponding tests in some easily
> > parsable form (probably in comments like Tags are already).  That
> > way whether a throwpoint is tested (and the location of the test)
> > can be found with a simple grep.
> >
> > For simplicity I'd probably number the 1.4.2 list from 1-whatever.
> > Checks added in 1.5 can be added at the end of the list.
>
> I don't really like the numbering. I would propose to actually name
> the tests with somewhat meaningful names. Something like
> <PermissionClassName>_<ClassName>_<MethodName> for each Permission
> and class.method() needing to check for that permission. (example:
> AWTPermission_Toolkit_getSystemSelection)

Yeah, that's better I suppose, I'll use that.

Cheers,
Gary