* fixes issue https://github.com/Icinga/icinga2/issues/6785 where permission checks get wrong result because permissions checks are done within a shared namespaces without using only unique keys
* mitigates issue https://github.com/Icinga/icinga2/issues/6874 where segmentation faults occur because of concurrent access to non threadsafe parts of namespace (a fix for thread safety of namespaces which would be an alternative approach to get rid of these segfaults is out of scope of this fix as 6785 needs to be fixed anyway and this is the straight-forwards) way to fix that
* do the same for eventqueue (not certain whether events can be processed in parallel but I expect it is the case)
(cherry picked from commit
1e7cd4afc821a0592b535e4270ebb2fdc387a207)
void EventQueue::ProcessEvent(const Dictionary::Ptr& event)
{
- ScriptFrame frame(true);
+ Namespace::Ptr frameNS = new Namespace();
+ ScriptFrame frame(true, frameNS);
frame.Sandboxed = true;
try {
Expression *permissionFilter;
CheckPermission(user, qd.Permission, &permissionFilter);
- ScriptFrame permissionFrame(true);
+ Namespace::Ptr permissionFrameNS = new Namespace();
+ ScriptFrame permissionFrame(true, permissionFrameNS);
for (const String& type : qd.Types) {
String attr = type;