Mercurial > hg > release > thermostat-1.0

view agent/core/src/test/java/com/redhat/thermostat/agent/internal/RMIRegistryImplTest.java @ 1415:adb678c592f5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Remove RMI-based agent-proxy mechanism. It was discovered that, in certain configurations, the Thermostat agent disclosed JMX management URLs of all local Java virtual machines to any local user. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-8120) More information will be available at: http://cve.mitre.org/cgi-bin/cvename.gci?name=CVE=2014-8120
author Elliott Baron <ebaron@redhat.com>
date Tue, 16 Dec 2014 11:54:58 -0700
parents f0750a42ef85
children
line wrap: on
line source

package com.redhat.thermostat.agent.internal;

import static org.mockito.Mockito.mock;

import java.rmi.Remote;
import java.rmi.RemoteException;

import org.junit.Before;
import org.junit.Test;

public class RMIRegistryImplTest {
    
    private RMIRegistryImpl registry;
    
    @Before
    public void setup() throws Exception {
        registry = new RMIRegistryImpl();
    }
    
    @Test(expected=RemoteException.class)
    public void testGetRegistry() throws Exception {
        registry.getRegistry();
    }
    
    @Test(expected=RemoteException.class)
    public void testExportObject() throws Exception {
        Remote obj = mock(Remote.class);
        registry.export(obj);
    }
    
    @Test(expected=RemoteException.class)
    public void testUnexportObject() throws Exception {
        Remote obj = mock(Remote.class);
        registry.unexport(obj);
    }
}