8074812: More specific error message when the .java_pid well-known file is not secure

Reviewed-by: jbachorik, martin

src/aix/native/sun/tools/attach/AixVirtualMachine.c

 /*
- * Copyright (c) 2008, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2008, 2017, Oracle and/or its affiliates. All rights reserved.
  * Copyright 2015 SAP AG. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
@@ -26,6 +26,7 @@
 
 #include "jni.h"
 #include "jni_util.h"
+#include "jvm.h"
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -184,15 +185,26 @@ JNIEXPORT void JNICALL Java_sun_tools_attach_AixVirtualMachine_checkPermissions
             res = errno;
         }
 
-        /* release p here before we throw an I/O exception */
-        if (isCopy) {
-            JNU_ReleaseStringPlatformChars(env, path, p);
-        }
-
         if (res == 0) {
-            if ( (sb.st_uid != uid) || (sb.st_gid != gid) ||
-                 ((sb.st_mode & (S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)) != 0) ) {
-                JNU_ThrowIOException(env, "well-known file is not secure");
+            char msg[100];
+            jboolean isError = JNI_FALSE;
+            if (sb.st_uid != uid) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file should be owned by the current user (which is %d) but is owned by %d", uid, sb.st_uid);
+                isError = JNI_TRUE;
+            } else if (sb.st_gid != gid) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file's group should be the current group (which is %d) but the group is %d", gid, sb.st_gid);
+                isError = JNI_TRUE;
+            } else if ((sb.st_mode & (S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)) != 0) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file should only be readable and writable by the owner but has 0%03o access", sb.st_mode & 0777);
+                isError = JNI_TRUE;
+            }
+            if (isError) {
+                char buf[256];
+                jio_snprintf(buf, sizeof(buf)-1, "well-known file %s is not secure: %s", p, msg);
+                JNU_ThrowIOException(env, buf);
             }
         } else {
             char* msg = strdup(strerror(res));
@@ -201,6 +213,10 @@ JNIEXPORT void JNICALL Java_sun_tools_attach_AixVirtualMachine_checkPermissions
                 free(msg);
             }
         }
+
+        if (isCopy) {
+            JNU_ReleaseStringPlatformChars(env, path, p);
+        }
     }
 }
 

src/solaris/native/sun/tools/attach/BsdVirtualMachine.c

 /*
- * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,7 @@
 
 #include "jni.h"
 #include "jni_util.h"
+#include "jvm.h"
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -149,15 +150,26 @@ JNIEXPORT void JNICALL Java_sun_tools_attach_BsdVirtualMachine_checkPermissions
             res = errno;
         }
 
-        /* release p here before we throw an I/O exception */
-        if (isCopy) {
-            JNU_ReleaseStringPlatformChars(env, path, p);
-        }
-
         if (res == 0) {
-            if ( (sb.st_uid != uid) || (sb.st_gid != gid) ||
-                 ((sb.st_mode & (S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)) != 0) ) {
-                JNU_ThrowIOException(env, "well-known file is not secure");
+            char msg[100];
+            jboolean isError = JNI_FALSE;
+            if (sb.st_uid != uid) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file should be owned by the current user (which is %d) but is owned by %d", uid, sb.st_uid);
+                isError = JNI_TRUE;
+            } else if (sb.st_gid != gid) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file's group should be the current group (which is %d) but the group is %d", gid, sb.st_gid);
+                isError = JNI_TRUE;
+            } else if ((sb.st_mode & (S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)) != 0) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file should only be readable and writable by the owner but has 0%03o access", sb.st_mode & 0777);
+                isError = JNI_TRUE;
+            }
+            if (isError) {
+                char buf[256];
+                jio_snprintf(buf, sizeof(buf)-1, "well-known file %s is not secure: %s", p, msg);
+                JNU_ThrowIOException(env, buf);
             }
         } else {
             char* msg = strdup(strerror(res));
@@ -166,6 +178,10 @@ JNIEXPORT void JNICALL Java_sun_tools_attach_BsdVirtualMachine_checkPermissions
                 free(msg);
             }
         }
+
+        if (isCopy) {
+            JNU_ReleaseStringPlatformChars(env, path, p);
+        }
     }
 }
 

src/solaris/native/sun/tools/attach/LinuxVirtualMachine.c

 /*
- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,7 @@
 
 #include "jni.h"
 #include "jni_util.h"
+#include "jvm.h"
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -367,15 +368,26 @@ JNIEXPORT void JNICALL Java_sun_tools_attach_LinuxVirtualMachine_checkPermission
             res = errno;
         }
 
-        /* release p here before we throw an I/O exception */
-        if (isCopy) {
-            JNU_ReleaseStringPlatformChars(env, path, p);
-        }
-
         if (res == 0) {
-            if ( (sb.st_uid != uid) || (sb.st_gid != gid) ||
-                 ((sb.st_mode & (S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)) != 0) ) {
-                JNU_ThrowIOException(env, "well-known file is not secure");
+            char msg[100];
+            jboolean isError = JNI_FALSE;
+            if (sb.st_uid != uid) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file should be owned by the current user (which is %d) but is owned by %d", uid, sb.st_uid);
+                isError = JNI_TRUE;
+            } else if (sb.st_gid != gid) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file's group should be the current group (which is %d) but the group is %d", gid, sb.st_gid);
+                isError = JNI_TRUE;
+            } else if ((sb.st_mode & (S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)) != 0) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file should only be readable and writable by the owner but has 0%03o access", sb.st_mode & 0777);
+                isError = JNI_TRUE;
+            }
+            if (isError) {
+                char buf[256];
+                jio_snprintf(buf, sizeof(buf)-1, "well-known file %s is not secure: %s", p, msg);
+                JNU_ThrowIOException(env, buf);
             }
         } else {
             char* msg = strdup(strerror(res));
@@ -384,6 +396,10 @@ JNIEXPORT void JNICALL Java_sun_tools_attach_LinuxVirtualMachine_checkPermission
                 free(msg);
             }
         }
+
+        if (isCopy) {
+            JNU_ReleaseStringPlatformChars(env, path, p);
+        }
     }
 }
 

src/solaris/native/sun/tools/attach/SolarisVirtualMachine.c

 /*
- * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -35,6 +35,7 @@
 
 #include "jni.h"
 #include "jni_util.h"
+#include "jvm.h"
 
 #include "sun_tools_attach_SolarisVirtualMachine.h"
 
@@ -112,15 +113,26 @@ JNIEXPORT void JNICALL Java_sun_tools_attach_SolarisVirtualMachine_checkPermissi
             res = errno;
         }
 
-        /* release p here before we throw an I/O exception */
-        if (isCopy) {
-            JNU_ReleaseStringPlatformChars(env, path, p);
-        }
-
         if (res == 0) {
-            if ( (sb.st_uid != uid) || (sb.st_gid != gid) ||
-                 ((sb.st_mode & (S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)) != 0) ) {
-                JNU_ThrowIOException(env, "well-known file is not secure");
+            char msg[100];
+            jboolean isError = JNI_FALSE;
+            if (sb.st_uid != uid) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file should be owned by the current user (which is %d) but is owned by %d", uid, sb.st_uid);
+                isError = JNI_TRUE;
+            } else if (sb.st_gid != gid) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file's group should be the current group (which is %d) but the group is %d", gid, sb.st_gid);
+                isError = JNI_TRUE;
+            } else if ((sb.st_mode & (S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)) != 0) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file should only be readable and writable by the owner but has 0%03o access", sb.st_mode & 0777);
+                isError = JNI_TRUE;
+            }
+            if (isError) {
+                char buf[256];
+                jio_snprintf(buf, sizeof(buf)-1, "well-known file %s is not secure: %s", p, msg);
+                JNU_ThrowIOException(env, buf);
             }
         } else {
             char* msg = strdup(strerror(res));
@@ -129,6 +141,10 @@ JNIEXPORT void JNICALL Java_sun_tools_attach_SolarisVirtualMachine_checkPermissi
                 free(msg);
             }
         }
+
+        if (isCopy) {
+            JNU_ReleaseStringPlatformChars(env, path, p);
+        }
     }
 }