Enable security manager for the replicator module. The test policy for the replicator duplicates everything the regular policy has and just adds those nasty jetty-specific sections. Easier to diff/ spot the difference.

gradle/testing/policies/replicator-tests.policy

@@ -0,0 +1,117 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+// Policy file for lucene tests. Please keep minimal and avoid wildcards.
+
+grant {
+  // 3rd party jar resources (where symlinks are not supported), test-files/ resources
+  permission java.io.FilePermission "${common.dir}${/}-", "read";
+  // system jar resources, and let TestIndexWriterOnJRECrash fork its jvm
+  permission java.io.FilePermission "${java.home}${/}-", "read,execute";
+
+  // write only to sandbox
+  permission java.io.FilePermission "${java.io.tmpdir}", "read,write";
+  permission java.io.FilePermission "${java.io.tmpdir}${/}-", "read,write,delete";
+  permission java.io.FilePermission "${tests.linedocsfile}", "read";
+
+  // misc HardlinkCopyDirectoryWrapper needs this to test if hardlinks can be created
+  permission java.nio.file.LinkPermission "hard";
+  // needed by SSD detection tests in TestIOUtils (creates symlinks)
+  permission java.nio.file.LinkPermission "symbolic";
+
+  // needed by randomizedtesting runner to identify test methods.
+  permission java.lang.RuntimePermission "accessDeclaredMembers";
+  permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+  // needed by certain tests to redirect sysout/syserr:
+  permission java.lang.RuntimePermission "setIO";
+  // needed by randomized runner to catch failures from other threads:
+  permission java.lang.RuntimePermission "setDefaultUncaughtExceptionHandler";
+  // needed by randomized runner getTopThreadGroup:
+  permission java.lang.RuntimePermission "modifyThreadGroup";
+  // needed by tests e.g. shutting down executors:
+  permission java.lang.RuntimePermission "modifyThread";
+  // needed for tons of test hacks etc
+  permission java.lang.RuntimePermission "getStackTrace";
+  // needed for mock filesystems in tests
+  permission java.lang.RuntimePermission "fileSystemProvider";
+  // needed for test of IOUtils.spins (maybe it can be avoided)
+  permission java.lang.RuntimePermission "getFileStoreAttributes";
+  // analyzers/uima: needed by lucene expressions' JavascriptCompiler
+  permission java.lang.RuntimePermission "createClassLoader";
+  // needed to test unmap hack on platforms that support it
+  permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
+  // needed by cyberneko usage by benchmarks on J9
+  permission java.lang.RuntimePermission "accessClassInPackage.org.apache.xerces.util";
+  // needed by jacoco to dump coverage
+  permission java.lang.RuntimePermission "shutdownHooks";
+  // needed by org.apache.logging.log4j
+  permission java.lang.RuntimePermission "getenv.*";
+  permission java.lang.RuntimePermission "getClassLoader";
+  permission java.lang.RuntimePermission "setContextClassLoader";
+
+  // allows LuceneTestCase#runWithRestrictedPermissions to execute with lower (or no) permission
+  permission java.security.SecurityPermission "createAccessControlContext";
+
+  // read access to all system properties.
+  permission java.util.PropertyPermission "*", "read";
+
+  // write access to only these.
+
+  // environment randomization
+  permission java.util.PropertyPermission "user.language", "write";
+  permission java.util.PropertyPermission "user.timezone", "write";
+
+  // CMS randomization
+  permission java.util.PropertyPermission "lucene.cms.override_core_count", "write";
+  permission java.util.PropertyPermission "lucene.cms.override_spins", "write";
+
+  // used by nested tests? (e.g. TestLeaveFilesIfTestFails). TODO: look into this
+  permission java.util.PropertyPermission "tests.runnested", "write";
+
+  // this section is replicator-specific (jetty)
+
+  // write access to all system properties
+  permission java.util.PropertyPermission "*", "write";
+
+  // replicator: jetty tests require some network permissions:
+  // all possibilities of accepting/binding/connecting on localhost with ports >= 1024:
+  permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect,resolve";
+  permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen,connect,resolve";
+  permission java.net.SocketPermission "[::1]:1024-", "accept,listen,connect,resolve";
+  
+  // SSL related properties for jetty
+  permission java.security.SecurityPermission "getProperty.ssl.KeyManagerFactory.algorithm";
+  permission java.security.SecurityPermission "getProperty.ssl.TrustManagerFactory.algorithm";
+};
+
+
+// Grant all permissions to Gradle test runner classes.
+
+grant codeBase "file:${gradle.lib.dir}${/}-" {
+  permission java.security.AllPermission;
+};
+
+grant codeBase "file:${gradle.worker.jar}" {
+  permission java.security.AllPermission;
+};
+
+grant {
+  // Allow reading gradle worker JAR.
+  permission java.io.FilePermission "${gradle.worker.jar}", "read";
+  // Allow reading from classpath JARs (resources).
+  permission java.io.FilePermission "${gradle.user.home}${/}-", "read";
+};

gradle/testing/policies/tests.policy

@@ -33,10 +33,10 @@ grant {
   // needed by SSD detection tests in TestIOUtils (creates symlinks)
   permission java.nio.file.LinkPermission "symbolic";
 
-// needed by gson serialization of junit4 runner: TODO clean that up
+  // needed by randomizedtesting runner to identify test methods.
   permission java.lang.RuntimePermission "accessDeclaredMembers";
   permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
-  // needed by junit4 runner to capture sysout/syserr:
+  // needed by certain tests to redirect sysout/syserr:
   permission java.lang.RuntimePermission "setIO";
   // needed by randomized runner to catch failures from other threads:
   permission java.lang.RuntimePermission "setDefaultUncaughtExceptionHandler";
@@ -63,12 +63,16 @@ grant {
   permission java.lang.RuntimePermission "getClassLoader";
   permission java.lang.RuntimePermission "setContextClassLoader";
 
-  // read access to all system properties:
+  // allows LuceneTestCase#runWithRestrictedPermissions to execute with lower (or no) permission
+  permission java.security.SecurityPermission "createAccessControlContext";
+
+  // read access to all system properties.
   permission java.util.PropertyPermission "*", "read";
-  // write access to only these:
-  // locale randomization
+
+  // write access to only these.
+
+  // environment randomization
   permission java.util.PropertyPermission "user.language", "write";
-  // timezone randomization
   permission java.util.PropertyPermission "user.timezone", "write";
 
   // CMS randomization
@@ -77,24 +81,6 @@ grant {
 
   // used by nested tests? (e.g. TestLeaveFilesIfTestFails). TODO: look into this
   permission java.util.PropertyPermission "tests.runnested", "write";
-
-  // solr properties. TODO: move these out to SolrTestCase
-  permission java.util.PropertyPermission "solr.data.dir", "write";
-  permission java.util.PropertyPermission "solr.solr.home", "write";
-  permission java.util.PropertyPermission "solr.directoryFactory", "write";
-
-  // replicator: jetty tests require some network permissions:
-  // all possibilities of accepting/binding/connecting on localhost with ports >= 1024:
-  permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect,resolve";
-  permission java.net.SocketPermission "127.0.0.1:1024-", "accept,listen,connect,resolve";
-  permission java.net.SocketPermission "[::1]:1024-", "accept,listen,connect,resolve";
-  
-  // SSL related properties for jetty
-  permission java.security.SecurityPermission "getProperty.ssl.KeyManagerFactory.algorithm";
-  permission java.security.SecurityPermission "getProperty.ssl.TrustManagerFactory.algorithm";
-  
-  // allows LuceneTestCase#runWithRestrictedPermissions to execute with lower (or no) permission
-  permission java.security.SecurityPermission "createAccessControlContext";
 };
 
 

gradle/testing/randomization.gradle

@@ -157,11 +157,8 @@ allprojects {
         // to each project's build/ configuration but it seems compact enough to keep it here for now.
         if (Boolean.parseBoolean(testOptionsResolved["tests.useSecurityManager"])) {
           if (project.path == ":lucene:replicator") {
-            // systemProperty 'java.security.manager', "org.apache.lucene.util.TestSecurityManager"
-            // systemProperty 'java.security.policy', file("${commonDir}/tools/junit4/replicator-tests.policy")
-            doFirst {
-              logger.log(LogLevel.WARN, "Running with security manager not implemented for: ${project.path}")
-            }
+            systemProperty 'java.security.manager', "org.apache.lucene.util.TestSecurityManager"
+            systemProperty 'java.security.policy', rootProject.file("gradle/testing/policies/replicator-tests.policy")
           } else if (project.path.startsWith(":lucene")) {
             systemProperty 'java.security.manager', "org.apache.lucene.util.TestSecurityManager"
             systemProperty 'java.security.policy', rootProject.file("gradle/testing/policies/tests.policy")