Skip to content

Fix FileInterceptor's delete calls for Unix Domain Sockets on Windows #17873

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Apr 10, 2025
Merged

Fix FileInterceptor's delete calls for Unix Domain Sockets on Windows #17873

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
03b199b
Fix FileInterceptor's delete calls for Unix Domain Sockets on Windows
reta Apr 10, 2025
a10b502
Added NetPermission check for UNIX Domain Socket deletion on Windows
reta Apr 10, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
94 changes: 53 additions & 41 deletions libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@

import java.io.FilePermission;
import java.lang.reflect.Method;
import java.net.NetPermission;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
Expand Down Expand Up @@ -71,59 +72,70 @@
boolean isMutating = name.equals("move") || name.equals("write") || name.startsWith("create");
final boolean isDelete = isMutating == false ? name.startsWith("delete") : false;

String targetFilePath = null;
if (isMutating == false && isDelete == false) {
if (name.equals("newByteChannel") == true || name.equals("open") == true) {
if (args.length > 1 && args[1] instanceof OpenOption[] opts) {
for (final OpenOption opt : opts) {
if (opt != StandardOpenOption.READ) {
isMutating = true;
break;
}
}

}
} else if (name.equals("copy") == true) {
if (args.length > 1 && args[1] instanceof String pathStr) {
targetFilePath = Paths.get(pathStr).toAbsolutePath().toString();
} else if (args.length > 1 && args[1] instanceof Path path) {
targetFilePath = path.toAbsolutePath().toString();
// This is Windows implementation of UNIX Domain Sockets (close)
if (isDelete == true
&& walker.getCallerClass().getName().equalsIgnoreCase("sun.nio.ch.PipeImpl$Initializer$LoopbackConnector") == true) {
final NetPermission permission = new NetPermission("accessUnixDomainSocket");

Check warning on line 78 in libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java

View check run for this annotation

Codecov / codecov/patch

libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java#L78 

Added line #L78 was not covered by tests
for (ProtectionDomain domain : callers) {
if (!policy.implies(domain, permission)) {
throw new SecurityException("Denied access to: " + filePath + ", domain " + domain);

Check warning on line 81 in libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java

View check run for this annotation

Codecov / codecov/patch

libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java#L81 

Added line #L81 was not covered by tests
}
}
}
} else {
String targetFilePath = null;

Check warning on line 85 in libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java

View check run for this annotation

Codecov / codecov/patch

libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java#L84-L85 

Added lines #L84 - L85 were not covered by tests
if (isMutating == false && isDelete == false) {
if (name.equals("newByteChannel") == true || name.equals("open") == true) {
if (args.length > 1 && args[1] instanceof OpenOption[] opts) {
for (final OpenOption opt : opts) {
if (opt != StandardOpenOption.READ) {
isMutating = true;
break;

Check warning on line 92 in libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java

View check run for this annotation

Codecov / codecov/patch

libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java#L91-L92 

Added lines #L91 - L92 were not covered by tests
}
}

// Check each permission separately
for (final ProtectionDomain domain : callers) {
// Handle FileChannel.open() separately to check read/write permissions properly
if (method.getName().equals("open")) {
if (isMutating == true && !policy.implies(domain, new FilePermission(filePath, "read,write"))) {
throw new SecurityException("Denied OPEN (read/write) access to file: " + filePath + ", domain: " + domain);
} else if (!policy.implies(domain, new FilePermission(filePath, "read"))) {
throw new SecurityException("Denied OPEN (read) access to file: " + filePath + ", domain: " + domain);
}
} else if (name.equals("copy") == true) {
if (args.length > 1 && args[1] instanceof String pathStr) {
targetFilePath = Paths.get(pathStr).toAbsolutePath().toString();

Check warning on line 99 in libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java

View check run for this annotation

Codecov / codecov/patch

libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java#L99 

Added line #L99 was not covered by tests
} else if (args.length > 1 && args[1] instanceof Path path) {
targetFilePath = path.toAbsolutePath().toString();

Check warning on line 101 in libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java

View check run for this annotation

Codecov / codecov/patch

libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java#L101 

Added line #L101 was not covered by tests
}
}
}

// Handle Files.copy() separately to check read/write permissions properly
if (method.getName().equals("copy")) {
if (!policy.implies(domain, new FilePermission(filePath, "read"))) {
throw new SecurityException("Denied COPY (read) access to file: " + filePath + ", domain: " + domain);
// Check each permission separately
for (final ProtectionDomain domain : callers) {
// Handle FileChannel.open() separately to check read/write permissions properly
if (method.getName().equals("open")) {
if (isMutating == true && !policy.implies(domain, new FilePermission(filePath, "read,write"))) {
throw new SecurityException("Denied OPEN (read/write) access to file: " + filePath + ", domain: " + domain);

Check warning on line 111 in libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java

View check run for this annotation

Codecov / codecov/patch

libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java#L111 

Added line #L111 was not covered by tests
} else if (!policy.implies(domain, new FilePermission(filePath, "read"))) {
throw new SecurityException("Denied OPEN (read) access to file: " + filePath + ", domain: " + domain);

Check warning on line 113 in libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java

View check run for this annotation

Codecov / codecov/patch

libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java#L113 

Added line #L113 was not covered by tests
}
}

if (targetFilePath != null) {
if (!policy.implies(domain, new FilePermission(targetFilePath, "write"))) {
throw new SecurityException("Denied COPY (write) access to file: " + targetFilePath + ", domain: " + domain);
// Handle Files.copy() separately to check read/write permissions properly
if (method.getName().equals("copy")) {
if (!policy.implies(domain, new FilePermission(filePath, "read"))) {
throw new SecurityException("Denied COPY (read) access to file: " + filePath + ", domain: " + domain);

Check warning on line 120 in libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java

View check run for this annotation

Codecov / codecov/patch

libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java#L120 

Added line #L120 was not covered by tests
}

if (targetFilePath != null) {
if (!policy.implies(domain, new FilePermission(targetFilePath, "write"))) {
throw new SecurityException("Denied COPY (write) access to file: " + targetFilePath + ", domain: " + domain);

Check warning on line 125 in libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java

View check run for this annotation

Codecov / codecov/patch

libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java#L125 

Added line #L125 was not covered by tests
}
}
}
}

// File mutating operations
if (isMutating && !policy.implies(domain, new FilePermission(filePath, "write"))) {
throw new SecurityException("Denied WRITE access to file: " + filePath + ", domain: " + domain);
}
// File mutating operations
if (isMutating && !policy.implies(domain, new FilePermission(filePath, "write"))) {
throw new SecurityException("Denied WRITE access to file: " + filePath + ", domain: " + domain);

Check warning on line 132 in libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java

View check run for this annotation

Codecov / codecov/patch

libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java#L132 

Added line #L132 was not covered by tests
}

// File deletion operations
if (isDelete && !policy.implies(domain, new FilePermission(filePath, "delete"))) {
throw new SecurityException("Denied DELETE access to file: " + filePath + ", domain: " + domain);
// File deletion operations
if (isDelete && !policy.implies(domain, new FilePermission(filePath, "delete"))) {
throw new SecurityException("Denied DELETE access to file: " + filePath + ", domain: " + domain);

Check warning on line 137 in libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java

View check run for this annotation

Codecov / codecov/patch

libs/agent-sm/agent/src/main/java/org/opensearch/javaagent/FileInterceptor.java#L137 

Added line #L137 was not covered by tests
}
}
}
}
Expand Down
Loading