Bug 47364

GemStone/S 64 Bit

3.4, 3.3.6, 3.3.5, 3.3.4, 3.3.3, 3.3.2, 3.3.1, 3.3, 3.2.17, 3.2.16, 3.2.15, 3.2.14, 3.2.13, 3.2.12, 3.2.11, 3.2.10, 3.2.9, 3.2.8.1, 3.2.8, 3.2.7, 3.2.6, 3.2.5, 3.2.4, 3.2.3, 3.2.2, 3.2.1, 3.2, 3.1.0.6, 3.1.0.5, 3.1.0.4, 3.1.0.3, 3.1.0.2, 3.1.0.1, 3.1, 3.0.1, 3.0, 2.4.8, 2.4.7, 2.4.6, 2.4.5.1, 2.4.5, 2.4.4.8, 2.4.4.7, 2.4.4.4, 2.4.x, 2.3.1.6, 2.3.x, 2.2.5.4, 2.2.x

All Platforms

3.4.1, 3.3.7

Security error when browsing implementors with session methods enabled and no CodeModification privilege

If session methods have been enabled for a UserProfile that does not have CodeModification privilege, if this user attempts to browse implementors of any method, using either GBS or ClassOrganizer>>implementorsOf:, it will trigger the following error:

----------------------------------------------------
GemStone: Error Nonfatal
a SecurityError occurred (error 2151), reason:rtErrNoPriv, An attempt was made to do a privileged operation for which no privilege had been granted. Error Category: 231169 [GemStone] Number: 2151 Arg Count: 1 Context : 32046593 exception : 32044545
Arg 1: [32040705 sz:10 cls: 76545 UserProfile] anUserProfile

For GS version 2.X the error will be formatted slightly differently:

----------------------------------------------------
GemStone: Error Nonfatal
An attempt was made to do a privileged operation for which no privilege had been granted. Error Category: 231169 [GemStone] Number: 2151 Arg Count: 1 Context : 15536641
Arg 1: [15045121 sz:10 cls: 76545 UserProfile] an UserProfile

Workaround

Browse implementors from a GS user with appropriate privileges, or that has not had session methods enabled.


Last updated: 12/5/17