mirror of https://github.com/apache/lucene.git
SOLR-13986: remove execute permission from solr-tests.policy
This commit is contained in:
parent
5a697344ed
commit
1d238c844e
|
@ -41,6 +41,69 @@ public final class TestSecurityManager extends SecurityManager {
|
||||||
super();
|
super();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// TODO: move this stuff into a Solr (non-test) SecurityManager!
|
||||||
|
/**
|
||||||
|
* {@inheritDoc}
|
||||||
|
* <p>This method implements hacks to workaround hadoop's garbage Shell and FileUtil code
|
||||||
|
*/
|
||||||
|
@Override
|
||||||
|
public void checkExec(String cmd) {
|
||||||
|
// NOTE: it would be tempting to just allow anything from hadoop's Shell class, but then
|
||||||
|
// that would just give an easy vector for RCE (use hadoop Shell instead of e.g. ProcessBuilder)
|
||||||
|
// so we whitelist actual caller impl methods instead.
|
||||||
|
for (StackTraceElement element : Thread.currentThread().getStackTrace()) {
|
||||||
|
// hadoop insists on shelling out to get the user's supplementary groups?
|
||||||
|
if ("org.apache.hadoop.security.ShellBasedUnixGroupsMapping".equals(element.getClassName()) &&
|
||||||
|
"getGroups".equals(element.getMethodName())) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// hadoop insists on shelling out to parse 'df' command instead of using FileStore?
|
||||||
|
if ("org.apache.hadoop.fs.DF".equals(element.getClassName()) &&
|
||||||
|
"getFilesystem".equals(element.getMethodName())) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// hadoop insists on shelling out to parse 'du' command instead of using FileStore?
|
||||||
|
if ("org.apache.hadoop.fs.DU".equals(element.getClassName()) &&
|
||||||
|
"refresh".equals(element.getMethodName())) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// hadoop insists on shelling out to parse 'ls' command instead of java nio apis?
|
||||||
|
if ("org.apache.hadoop.util.DiskChecker".equals(element.getClassName()) &&
|
||||||
|
"checkDir".equals(element.getMethodName())) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// hadoop insists on shelling out to parse 'stat' command instead of Files.getAttributes?
|
||||||
|
if ("org.apache.hadoop.fs.HardLink".equals(element.getClassName()) &&
|
||||||
|
"getLinkCount".equals(element.getMethodName())) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// hadoop "canExecute" method doesn't handle securityexception and fails completely.
|
||||||
|
// so, lie to it, and tell it we will happily execute, so it does not crash.
|
||||||
|
if ("org.apache.hadoop.fs.FileUtil".equals(element.getClassName()) &&
|
||||||
|
"canExecute".equals(element.getMethodName())) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
super.checkExec(cmd);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* {@inheritDoc}
|
||||||
|
* <p>This method implements hacks to workaround hadoop's garbage FileUtil code
|
||||||
|
*/
|
||||||
|
@Override
|
||||||
|
public void checkWrite(String file) {
|
||||||
|
for (StackTraceElement element : Thread.currentThread().getStackTrace()) {
|
||||||
|
// hadoop "canWrite" method doesn't handle securityexception and fails completely.
|
||||||
|
// so, lie to it, and tell it we will happily write, so it does not crash.
|
||||||
|
if ("org.apache.hadoop.fs.FileUtil".equals(element.getClassName()) &&
|
||||||
|
"canWrite".equals(element.getMethodName())) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
super.checkWrite(file);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* {@inheritDoc}
|
* {@inheritDoc}
|
||||||
* <p>This method inspects the stack trace and checks who is calling
|
* <p>This method inspects the stack trace and checks who is calling
|
||||||
|
|
|
@ -25,13 +25,13 @@
|
||||||
|
|
||||||
grant {
|
grant {
|
||||||
// permissions for file access, write access only to sandbox:
|
// permissions for file access, write access only to sandbox:
|
||||||
permission java.io.FilePermission "<<ALL FILES>>", "read,execute";
|
permission java.io.FilePermission "<<ALL FILES>>", "read";
|
||||||
permission java.io.FilePermission "${junit4.childvm.cwd}", "read,execute";
|
permission java.io.FilePermission "${junit4.childvm.cwd}", "read";
|
||||||
permission java.io.FilePermission "${junit4.childvm.cwd}${/}temp", "read,execute,write,delete";
|
permission java.io.FilePermission "${junit4.childvm.cwd}${/}temp", "read,write,delete";
|
||||||
permission java.io.FilePermission "${junit4.childvm.cwd}${/}temp${/}-", "read,execute,write,delete";
|
permission java.io.FilePermission "${junit4.childvm.cwd}${/}temp${/}-", "read,write,delete";
|
||||||
permission java.io.FilePermission "${junit4.childvm.cwd}${/}jacoco.db", "write";
|
permission java.io.FilePermission "${junit4.childvm.cwd}${/}jacoco.db", "write";
|
||||||
permission java.io.FilePermission "${junit4.tempDir}${/}*", "read,execute,write,delete";
|
permission java.io.FilePermission "${junit4.tempDir}${/}*", "read,write,delete";
|
||||||
permission java.io.FilePermission "${clover.db.dir}${/}-", "read,execute,write,delete";
|
permission java.io.FilePermission "${clover.db.dir}${/}-", "read,write,delete";
|
||||||
permission java.io.FilePermission "${tests.linedocsfile}", "read";
|
permission java.io.FilePermission "${tests.linedocsfile}", "read";
|
||||||
permission java.nio.file.LinkPermission "hard";
|
permission java.nio.file.LinkPermission "hard";
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue