Details
-
Type:
Bug
-
Status:
Resolved
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: 6.1.1 CE GA2, 6.1.20 EE GA2
-
Fix Version/s: 6.1.X EE, 6.2.0 CE M5
-
Component/s: Security, Security > PACL
-
Labels:
-
Environment:Mac OS X
-
Branch Version/s:6.1.x
-
Backported to Branch:Committed
-
Similar Issues:
Description
On Mac OS X systems, the JDK folder structure is a little different than on Linux and Windows:
/System/Library/Frameworks/JavaVM.framework/Classes/
/System/Library/Frameworks/JavaVM.framework/Commands/
/System/Library/Frameworks/JavaVM.framework/Frameworks/
/System/Library/Frameworks/JavaVM.framework/Headers/
/System/Library/Frameworks/JavaVM.framework/Home/ *** THIS IS $JAVA_HOME BTW ***
/System/Library/Frameworks/JavaVM.framework/JavaVM/
/System/Library/Frameworks/JavaVM.framework/Libraries/
/System/Library/Frameworks/JavaVM.framework/Resources/
/System/Library/Frameworks/JavaVM.framework/Versions/
When a portlet tries to scan the ClassPath for JARs, the JVM will return a list of URLs to JARs in the filesystem. Currently, PACK only provides READ permission on files under $JAVA_HOME/lib but on Mac OS X it is necessary to have read permission on $JAVA_HOME/../Classes as well.
Also, the JVM will return a list of all JARs found under folders specified in the {$java.ext.dirs} system property. For example:
/Library/Java/Extensions/
/System/Library/Java/Extensions/
/System/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home/lib/ext/
So it would be necessary for PACL to include those folders as well.