diff --git a/lucene/tools/junit4/solr-tests.policy b/lucene/tools/junit4/solr-tests.policy
index 82ed0bfab16..8140ddb5c8c 100644
--- a/lucene/tools/junit4/solr-tests.policy
+++ b/lucene/tools/junit4/solr-tests.policy
@@ -15,13 +15,7 @@
 * limitations under the License.
 */
-// Policy file to prevent tests from writing outside the test sandbox directory
-// (must be given as a sysprop: tests.sandbox.dir)
-// This policy also disallows stuff like listening on network ports of interfaces
-// different than 127.0.0.1.
-
-// PLEASE NOTE: You may need to enable other permissions when new tests are added,
-// everything not allowed here is forbidden!
+// Policy file for solr tests. Please keep minimal and avoid wildcards.
 grant {
 // permissions for file access, write access only to sandbox:
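Review bot: The new one-line header drops the two facts a maintainer most needs when a test fails under this policy: that the sandbox location comes from the `tests.sandbox.dir` system property, and that anything not granted is denied. If the file-access grants that follow still depend on that property (they are outside this hunk), keep a line such as `// Sandbox dir is taken from the tests.sandbox.dir sysprop; everything not granted here is denied.` next to the new comment.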
@@ -45,27 +39,94 @@ grant {
 // Basic permissions needed for Lucene to work:
 permission java.util.PropertyPermission "*", "read,write";
- permission java.lang.reflect.ReflectPermission "*";
- permission java.lang.RuntimePermission "*";
+
+ // needed by gson serialization of junit4 runner: TODO clean that up
+ permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+ permission java.lang.RuntimePermission "accessDeclaredMembers";
+ // needed by junit4 runner to capture sysout/syserr:
+ permission java.lang.RuntimePermission "setIO";
+ // needed by randomized runner to catch failures from other threads:
+ permission java.lang.RuntimePermission "setDefaultUncaughtExceptionHandler";
+ // needed by randomized runner getTopThreadGroup:
+ permission java.lang.RuntimePermission "modifyThreadGroup";
+ // needed by tests e.g. shutting down executors:
+ permission java.lang.RuntimePermission "modifyThread";
+ // needed for tons of test hacks etc
+ permission java.lang.RuntimePermission "getStackTrace";
+ // needed for mock filesystems in tests
+ permission java.lang.RuntimePermission "fileSystemProvider";
+ // needed for test of IOUtils.spins (maybe it can be avoided)
+ permission java.lang.RuntimePermission "getFileStoreAttributes";
+ // analyzers/uima: needed by lucene expressions' JavascriptCompiler
+ permission java.lang.RuntimePermission "createClassLoader";
+ // needed to test unmap hack on platforms that support it
+ permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
+ // needed by jacoco to dump coverage
+ permission java.lang.RuntimePermission "shutdownHooks";
+ // needed by org.apache.logging.log4j
+ permission java.lang.RuntimePermission "getenv.*";
+ permission java.lang.RuntimePermission "getClassLoader";
+ permission java.lang.RuntimePermission "setContextClassLoader";
+ permission java.lang.RuntimePermission "getStackWalkerWithClassReference";
+ // needed by bytebuddy
+ permission java.lang.RuntimePermission "defineClass";
+ // needed by mockito
+ permission java.lang.RuntimePermission "accessClassInPackage.sun.reflect";
+ permission java.lang.RuntimePermission "reflectionFactoryAccess";
+ // needed by SolrResourceLoader
+ permission java.lang.RuntimePermission "closeClassLoader";
+ // needed by HttpSolrClient
+ permission java.lang.RuntimePermission "getFileSystemAttributes";
+ // needed by hadoop auth (TODO: there is a cleaner way to handle this)
+ permission java.lang.RuntimePermission "loadLibrary.jaas";
+ // needed by hadoop hdfs
+ permission java.lang.RuntimePermission "readFileDescriptor";
+ permission java.lang.RuntimePermission "writeFileDescriptor";
+ // needed by hadoop http
+ permission java.lang.RuntimePermission "getProtectionDomain";
 // These two *have* to be spelled out a separate
 permission java.lang.management.ManagementPermission "control";
 permission java.lang.management.ManagementPermission "monitor";
- // Solr needs those:
- permission java.net.NetPermission "*";
- permission java.sql.SQLPermission "*";
+ // needed by hadoop htrace
+ permission java.net.NetPermission "getNetworkInformation";
+
+ // needed by DIH
+ permission java.sql.SQLPermission "deregisterDriver";
+
 permission java.util.logging.LoggingPermission "control";
- permission javax.management.MBeanPermission "*", "*";
- permission javax.management.MBeanServerPermission "*";
- permission javax.management.MBeanTrustPermission "*";
- permission javax.security.auth.AuthPermission "*";
+
+ // needed by solr mbeans feature/tests
+ // TODO: can we remove wildcard for class names/members?
+ permission javax.management.MBeanPermission "*", "getAttribute";
+ permission javax.management.MBeanPermission "*", "getMBeanInfo";
+ permission javax.management.MBeanPermission "*", "queryMBeans";
+ permission javax.management.MBeanPermission "*", "queryNames";
+ permission javax.management.MBeanPermission "*", "registerMBean";
+ permission javax.management.MBeanPermission "*", "unregisterMBean";
+ permission javax.management.MBeanServerPermission "createMBeanServer";
+ permission javax.management.MBeanServerPermission "findMBeanServer";
+ permission javax.management.MBeanServerPermission "releaseMBeanServer";
+ permission javax.management.MBeanTrustPermission "register";
+
+ // needed by hadoop auth
+ permission javax.security.auth.AuthPermission "getSubject";
+ permission javax.security.auth.AuthPermission "modifyPrincipals";
+ permission javax.security.auth.AuthPermission "doAs";
+ permission javax.security.auth.AuthPermission "getLoginConfiguration";
+ permission javax.security.auth.AuthPermission "setLoginConfiguration";
+ permission javax.security.auth.AuthPermission "modifyPrivateCredentials";
 permission javax.security.auth.PrivateCredentialPermission "org.apache.hadoop.security.Credentials * \"*\"", "read";
- permission java.security.SecurityPermission "*";
+
+ // needed by hadoop security
+ permission java.security.SecurityPermission "putProviderProperty.SaslPlainServer";
+ permission java.security.SecurityPermission "insertProvider";
+
 permission javax.xml.bind.JAXBPermission "setDatatypeConverter";
 // SSL related properties for Solr tests
- permission javax.net.ssl.SSLPermission "*";
+ permission javax.net.ssl.SSLPermission "setDefaultSSLContext";
 // SASL/Kerberos related properties for Solr tests
 permission javax.security.auth.PrivateCredentialPermission "javax.security.auth.kerberos.KerberosTicket * \"*\"", "read";
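Review bot: `permission java.lang.RuntimePermission "getenv.*";` is still a wildcard, which the new header comment asks to avoid, and it lets every test and dependency read the whole environment, including any CI credentials exported there. If log4j only looks up a few variables, list them as individual `getenv.<NAME>` entries; otherwise add a TODO like the one on the MBeanPermission lines. The same block adds `createClassLoader`, `defineClass`, `suppressAccessChecks` and `insertProvider` inside the bare `grant {` that opens outside this hunk, so they apply to all code rather than only to bytebuddy, mockito or hadoop. Those targets are broad enough to weaken the sandbox for the code under test, so consider moving them into per-library `grant codeBase "<jar-url>" { ... }` blocks. The comment `// analyzers/uima: needed by lucene expressions' JavascriptCompiler` looks carried over from the Lucene policy and should name the Solr component that needs `createClassLoader`.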