Loaded JARs require an additional read permissions on the main java when used with a SecurityManager #26666
Labels
status: declined
A suggestion or change that we don't feel we should currently apply
See #21073 (comment)
Hello!
With 2.2.7 we now face a problem with the security manager enabled (OpenJDK 11). It seems loaded JARs now need to have additional read permissions on the boot jar. Our situation is the following:
We have 3 modules:
The final BOOT JAR (spring-boot-app.jar) contains the Spring Boot app as well as the API (api.jar). The plugin (plugin.jar) is a separate JAR that gets loaded during runtime. It also has a dependency on the API (api.jar). From 2.2.7, the loaded plugin from outside the Spring Boot app now requires permissions to read the BOOT JAR (spring-boot-app.jar):
We couldn't find the root cause but suspect this commit since we could narrow this behavior down to v2.2.7. We fixed this by providing the file permission to plugin.jar:
It would be nice if one of you could have a look if that is a bug or the new intended behavior. We just wanted to drop a short comment about this problem we face since it took us a long time to track it down.
Best regards,
David
The text was updated successfully, but these errors were encountered: