add security-plugin

hengyunabc 2019-06-03 20:07:45 +08:00
parent 88fe2eae5a
commit 907ff9c4bf
4 changed files with 340 additions and 0 deletions


@ -68,6 +68,7 @@
<module>boot</module>
<module>demo</module>
<module>apm-demo</module>
<module>security-plugin</module>
<module>testcase</module>
<module>site</module>
<module>packaging</module>

57
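--- a/security-plugin/pom.xml
+++ b/security-plugin/pom.xml
@@ -0,0 +1,57 @@
+<?xml version="1.0"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<modelVersion>4.0.0</modelVersion>
+<parent>
+<groupId>com.taobao.arthas</groupId>
+<artifactId>arthas-all</artifactId>
+<version>4.0.0-SNAPSHOT</version>
+<relativePath>../pom.xml</relativePath>
+</parent>
+<artifactId>arthas-security-plugin</artifactId>
+<name>arthas-security-plugin</name>
+<dependencies>
+<dependency>
+<groupId>com.taobao.arthas</groupId>
+<artifactId>arthas-agent</artifactId>
+<version>${project.version}</version>
+<scope>provided</scope>
+</dependency>
+<dependency>
+<groupId>org.slf4j</groupId>
+<artifactId>slf4j-api</artifactId>
+<scope>provided</scope>
+<optional>true</optional>
+</dependency>
+<dependency>
+<groupId>ch.qos.logback</groupId>
+<artifactId>logback-classic</artifactId>
+<scope>provided</scope>
+<optional>true</optional>
+</dependency>
+<dependency>
+<groupId>ch.qos.logback</groupId>
+<artifactId>logback-core</artifactId>
+<scope>provided</scope>
+<optional>true</optional>
+</dependency>
+</dependencies>
+<build>
+<finalName>security-plugin</finalName>
+<plugins>
+<plugin>
+<groupId>org.apache.maven.plugins</groupId>
+<artifactId>maven-compiler-plugin</artifactId>
+<configuration>
+<source>1.6</source>
+<target>1.6</target>
+<encoding>UTF-8</encoding>
+<showDeprecation>true</showDeprecation>
+</configuration>
+</plugin>
+</plugins>
+</build>
+</project>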


@ -0,0 +1,243 @@
package com.alibaba.arthas.security.plugin;
import java.io.FileDescriptor;
import java.security.Permission;
import com.alibaba.arthas.deps.org.slf4j.Logger;
public class ArthasSecurityManager extends SecurityManager {
private Logger logger;
private SecurityManager delegate;
public ArthasSecurityManager(SecurityManager securityManager) {
this.delegate = securityManager;
}
@Override
public void checkPermission(Permission perm) {
if (this.delegate == null) {
return;
}
logger.info("checkPermission, perm: {}", perm);
this.delegate.checkPermission(perm);
}
@Override
public void checkPermission(Permission perm, Object context) {
if (this.delegate == null) {
return;
}
logger.info("checkPermission, perm: {}", perm);
this.delegate.checkPermission(perm, context);
}
@Override
public void checkCreateClassLoader() {
if (this.delegate == null) {
return;
}
logger.info("checkCreateClassLoader");
this.delegate.checkCreateClassLoader();
}
@Override
public void checkAccess(Thread t) {
if (this.delegate == null) {
return;
}
logger.info("checkAccess, thread: {}", t);
this.delegate.checkAccess(t);
}
@Override
public void checkAccess(ThreadGroup g) {
if (this.delegate == null) {
return;
}
logger.info("checkAccess, ThreadGroup: {}", g);
this.delegate.checkAccess(g);
}
@Override
public void checkExit(int status) {
if (this.delegate == null) {
return;
}
logger.info("checkExit, status: {}", status);
this.delegate.checkExit(status);
}
@Override
public void checkExec(String cmd) {
if (this.delegate == null) {
return;
}
logger.info("checkExec, cmd: {}", cmd);
this.delegate.checkExec(cmd);
}
@Override
public void checkLink(String lib) {
if (this.delegate == null) {
return;
}
logger.info("checkLink, checkLink: {}", lib);
this.delegate.checkLink(lib);
}
@Override
public void checkRead(FileDescriptor fd) {
if (this.delegate == null) {
return;
}
logger.info("checkRead, fd: {}", fd);
this.delegate.checkRead(fd);
}
@Override
public void checkRead(String file) {
if (this.delegate == null) {
return;
}
logger.info("checkRead, file: {}", file);
this.delegate.checkRead(file);
}
@Override
public void checkRead(String file, Object context) {
if (this.delegate == null) {
return;
}
logger.info("checkRead, file: {}", file);
this.delegate.checkRead(file, context);
}
@Override
public void checkWrite(FileDescriptor fd) {
if (this.delegate == null) {
return;
}
logger.info("checkWrite, fd: {}", fd);
this.delegate.checkWrite(fd);
}
@Override
public void checkWrite(String file) {
if (this.delegate == null) {
return;
}
logger.info("checkWrite, file: {}", file);
this.delegate.checkWrite(file);
}
@Override
public void checkDelete(String file) {
if (this.delegate == null) {
return;
}
logger.info("checkDelete, file: {}", file);
this.delegate.checkDelete(file);
}
@Override
public void checkConnect(String host, int port) {
if (this.delegate == null) {
return;
}
logger.info("checkConnect, host: {}, port: {}", host, port);
this.delegate.checkConnect(host, port);
}
@Override
public void checkConnect(String host, int port, Object context) {
if (this.delegate == null) {
return;
}
logger.info("checkConnect, host: {}, port: {}", host, port);
this.delegate.checkConnect(host, port, context);
}
@Override
public void checkListen(int port) {
if (this.delegate == null) {
return;
}
logger.info("checkListen, port: {}", port);
this.delegate.checkListen(port);
}
@Override
public void checkAccept(String host, int port) {
if (this.delegate == null) {
return;
}
logger.info("checkAccept, host: {}, port: {}", host, port);
this.delegate.checkAccept(host, port);
}
@Override
public void checkPropertiesAccess() {
if (this.delegate == null) {
return;
}
logger.info("checkPropertiesAccess");
this.delegate.checkPropertiesAccess();
}
@Override
public void checkPropertyAccess(String key) {
if (this.delegate == null) {
return;
}
logger.info("checkPropertyAccess, key: {}", key);
this.delegate.checkPropertyAccess(key);
}
@Override
public void checkPrintJobAccess() {
if (this.delegate == null) {
return;
}
logger.info("checkPrintJobAccess");
this.delegate.checkPrintJobAccess();
}
@Override
public void checkPackageAccess(String pkg) {
if (this.delegate == null) {
return;
}
logger.info("checkPackageAccess, pkg: {}", pkg);
this.delegate.checkPackageAccess(pkg);
}
@Override
public void checkPackageDefinition(String pkg) {
if (this.delegate == null) {
return;
}
logger.info("checkPackageDefinition, pkg: {}", pkg);
this.delegate.checkPackageDefinition(pkg);
}
@Override
public void checkSetFactory() {
if (this.delegate == null) {
return;
}
logger.info("checkSetFactory");
this.delegate.checkSetFactory();
}
@Override
public void checkSecurityAccess(String target) {
if (this.delegate == null) {
return;
}
logger.info("checkSecurityAccess, target: {}", target);
this.delegate.checkSecurityAccess(target);
}
}
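Review bot: `private Logger logger;` is never assigned anywhere in ArthasSecurityManager, so every check* override throws a NullPointerException at `logger.info(...)` whenever the delegate is non-null, which is the only case in which SecurityPluginActivator installs this manager. Once the field is initialised a second problem appears: if the logger's appender opens files or sockets, that I/O re-enters the same check* methods from inside the log call and can recurse without bound, so the logging needs a per-thread re-entrancy guard. The sketch below routes all logging through one guarded helper; it assumes the shaded SLF4J package also provides `LoggerFactory` next to the imported `Logger`. The values written at info level (command lines, file paths, property keys) can contain secrets, which deserves a sentence in the class Javadoc and a decision on log level.

```java
public class ArthasSecurityManager extends SecurityManager {
    private static final Logger logger = LoggerFactory.getLogger(ArthasSecurityManager.class);

    // TRUE while the current thread is already inside audit(); stops the
    // logger's own file/socket access from logging (and recursing) again.
    private static final ThreadLocal<Boolean> IN_AUDIT = new ThreadLocal<Boolean>() {
        @Override
        protected Boolean initialValue() {
            return Boolean.FALSE;
        }
    };

    private void audit(String format, Object... args) {
        if (IN_AUDIT.get()) {
            return;
        }
        IN_AUDIT.set(Boolean.TRUE);
        try {
            logger.info(format, args);
        } finally {
            IN_AUDIT.set(Boolean.FALSE);
        }
    }

    // … unchanged: delegate field, constructor and the check* overrides,
    //   with each logger.info(...) call replaced by audit(...) …
```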


@ -0,0 +1,39 @@
package com.alibaba.arthas.security.plugin;
import com.alibaba.arthas.plugin.PluginActivator;
import com.alibaba.arthas.plugin.PluginContext;
/**
* 1. 跟踪所有的 Runtime exec
* 获取所有的 servlet 请求的
* @author hengyunabc 2019-04-04
*
*/
public class SecurityPluginActivator implements PluginActivator{
@Override
public boolean enabled(PluginContext context) {
return true;
}
@Override
public void init(PluginContext context) throws Exception {
}
@Override
public void start(PluginContext context) throws Exception {
SecurityManager securityManager = System.getSecurityManager();
if(securityManager != null) {
securityManager = new ArthasSecurityManager(securityManager);
System.setSecurityManager(securityManager);
}
}
@Override
public void stop(PluginContext context) throws Exception {
}
}
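Review bot: `stop` is empty, so the wrapper that `start` installs with `System.setSecurityManager` remains the JVM-wide SecurityManager after the plugin is stopped, and the original manager is never put back. Keeping the original and the wrapper in fields lets `stop` restore the original, but only when the wrapper is still the installed manager, so a manager set later by other code is not overwritten. `enabled` returns `true` unconditionally, which makes replacing the process-wide SecurityManager the default for every attach; an opt-in setting would be safer for a change with this reach. The class comment describes tracking every `Runtime.exec`, yet `start` does nothing when no SecurityManager is present, so the comment should state that limitation.

```java
    private SecurityManager original;
    private SecurityManager installed;

    @Override
    public void start(PluginContext context) throws Exception {
        SecurityManager current = System.getSecurityManager();
        if (current != null) {
            SecurityManager wrapper = new ArthasSecurityManager(current);
            System.setSecurityManager(wrapper);
            this.original = current;
            this.installed = wrapper;
        }
    }

    @Override
    public void stop(PluginContext context) throws Exception {
        // Restore only if nobody replaced our wrapper in the meantime.
        if (installed != null && System.getSecurityManager() == installed) {
            System.setSecurityManager(original);
        }
        installed = null;
        original = null;
    }
    // … unchanged: enabled, init …
```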