Apache
/
lucene
mirror of https://github.com/apache/lucene.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

LUCENE-4632: Restrict test-framework's write permissions more: Only allow write to per-JVM CWD and the clover.db.dir; update randomizedtesting to 2.0.6 

git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1422437 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Uwe Schindler 2012-12-16 00:50:32 +00:00
parent 4d32c5d6bc
commit 497342bd6b
14 changed files with 18 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
dev-tools/idea/.idea/libraries/JUnit.xml
View File

@ -2,7 +2,7 @@
<library name="JUnit"> <library name="JUnit">
<CLASSES> <CLASSES>
<root url="jar://$PROJECT_DIR$/lucene/test-framework/lib/junit-4.10.jar!/" /> <root url="jar://$PROJECT_DIR$/lucene/test-framework/lib/junit-4.10.jar!/" />
<root url="jar://$PROJECT_DIR$/lucene/test-framework/lib/randomizedtesting-runner-2.0.5.jar!/" /> <root url="jar://$PROJECT_DIR$/lucene/test-framework/lib/randomizedtesting-runner-2.0.6.jar!/" />
</CLASSES> </CLASSES>
<JAVADOC /> <JAVADOC />
<SOURCES /> <SOURCES />

2
dev-tools/maven/pom.xml.template
View File

@ -445,7 +445,7 @@
<dependency> <dependency>
<groupId>com.carrotsearch.randomizedtesting</groupId> <groupId>com.carrotsearch.randomizedtesting</groupId>
<artifactId>randomizedtesting-runner</artifactId> <artifactId>randomizedtesting-runner</artifactId>
<version>2.0.5</version> <version>2.0.6</version>
</dependency> </dependency>
</dependencies> </dependencies>
</dependencyManagement> </dependencyManagement>

8
lucene/common-build.xml
View File

@ -817,9 +817,11 @@
--> -->
</junit4:pickfromlist> </junit4:pickfromlist>
<mkdir dir="@{tempDir}/temp" />
<junit4:junit4 <junit4:junit4
dir="@{tempDir}" dir="@{tempDir}"
tempdir="@{tempDir}" tempdir="@{tempDir}/temp"
maxmemory="${tests.heapsize}" maxmemory="${tests.heapsize}"
parallelism="@{threadNum}" parallelism="@{threadNum}"
@ -893,7 +895,7 @@
<sysproperty key="java.io.tmpdir" value="." /> <sysproperty key="java.io.tmpdir" value="." />
<!-- Restrict access to certain Java features and install security manager: --> <!-- Restrict access to certain Java features and install security manager: -->
<sysproperty key="tests.sandbox.dir" file="${tests.tempDir}" /> <sysproperty key="junit4.tempDir" file="@{tempDir}/temp" />
<sysproperty key="clover.db.dir" file="${clover.db.dir}" /> <sysproperty key="clover.db.dir" file="${clover.db.dir}" />
<sysproperty key="java.security.manager" value="org.apache.lucene.util.TestSecurityManager" /> <sysproperty key="java.security.manager" value="org.apache.lucene.util.TestSecurityManager" />
<sysproperty key="java.security.policy" file="${common.dir}/tools/junit4/tests.policy" /> <sysproperty key="java.security.policy" file="${common.dir}/tools/junit4/tests.policy" />
@ -2041,7 +2043,7 @@ The following arguments can be provided to ant to alter its behaviour and target
<junit4:pickseed property="pitest.seed" /> <junit4:pickseed property="pitest.seed" />
<property name="pitest.sysprops" value="-Dlucene.version=${dev.version},-Dtest.seed=${pitest.seed},-Djava.security.manager,-Djava.security.policy=${common.dir}/tools/junit4/tests.policy,-Djava.io.tmpdir=${tests.tempDir},-Dtests.sandbox.dir=${build.dir}" /> <property name="pitest.sysprops" value="-Dlucene.version=${dev.version},-Dtest.seed=${pitest.seed},-Djava.security.manager=org.apache.lucene.util.TestSecurityManager,-Djava.security.policy=${common.dir}/tools/junit4/tests.policy,-Djava.io.tmpdir=${tests.tempDir},-Djunit4.childvm.cwd=${tests.tempDir},-Djunit4.tempDir=${tests.tempDir}" />
<pitest <pitest
classPath="pitest.classpath" classPath="pitest.classpath"

1
lucene/licenses/junit4-ant-2.0.5.jar.sha1
View File

@ -1 +0,0 @@
f744c50364e7c07567f5b9a0af068c8dd134ae62

1
lucene/licenses/junit4-ant-2.0.6.jar.sha1 Normal file
View File

@ -0,0 +1 @@
a882c0bc45fd2dcf8ef2fb1d440f15379619e3d7

1
lucene/licenses/randomizedtesting-runner-2.0.5.jar.sha1
View File

@ -1 +0,0 @@
8a5be67e2cb2798850ecf2609115d660d85b98bc

1
lucene/licenses/randomizedtesting-runner-2.0.6.jar.sha1 Normal file
View File

@ -0,0 +1 @@
527f551a232c39bf78f4862feb4126ce9cdb02c9

4
lucene/test-framework/ivy.xml
View File

@ -32,8 +32,8 @@
<dependency org="org.apache.ant" name="ant" rev="1.8.2" transitive="false" /> <dependency org="org.apache.ant" name="ant" rev="1.8.2" transitive="false" />
<dependency org="junit" name="junit" rev="4.10" transitive="false" conf="default->*;junit4-stdalone->*" /> <dependency org="junit" name="junit" rev="4.10" transitive="false" conf="default->*;junit4-stdalone->*" />
<dependency org="com.carrotsearch.randomizedtesting" name="junit4-ant" rev="2.0.5" transitive="false" conf="default->*;junit4-stdalone->*" /> <dependency org="com.carrotsearch.randomizedtesting" name="junit4-ant" rev="2.0.6" transitive="false" conf="default->*;junit4-stdalone->*" />
<dependency org="com.carrotsearch.randomizedtesting" name="randomizedtesting-runner" rev="2.0.5" transitive="false" conf="default->*;junit4-stdalone->*" /> <dependency org="com.carrotsearch.randomizedtesting" name="randomizedtesting-runner" rev="2.0.6" transitive="false" conf="default->*;junit4-stdalone->*" />
<exclude org="*" ext="*" matcher="regexp" type="${ivy.exclude.types}"/> <exclude org="*" ext="*" matcher="regexp" type="${ivy.exclude.types}"/>
</dependencies> </dependencies>

4
lucene/tools/junit4/tests.policy
View File

@ -26,7 +26,9 @@
grant { grant {
// permissions for file access, write access only to sandbox: // permissions for file access, write access only to sandbox:
permission java.io.FilePermission "<<ALL FILES>>", "read,execute"; permission java.io.FilePermission "<<ALL FILES>>", "read,execute";
permission java.io.FilePermission "${tests.sandbox.dir}${/}-", "read,execute,write,delete"; permission java.io.FilePermission "${junit4.childvm.cwd}", "read,execute,write";
permission java.io.FilePermission "${junit4.childvm.cwd}${/}-", "read,execute,write,delete";
permission java.io.FilePermission "${junit4.tempDir}${/}*", "read,execute,write,delete";
permission java.io.FilePermission "${clover.db.dir}${/}-", "read,execute,write,delete"; permission java.io.FilePermission "${clover.db.dir}${/}-", "read,execute,write,delete";
// all possibilities of accepting/binding connections on localhost with ports >=1024: // all possibilities of accepting/binding connections on localhost with ports >=1024:

1
solr/licenses/junit4-ant-2.0.5.jar.sha1
View File

@ -1 +0,0 @@
f744c50364e7c07567f5b9a0af068c8dd134ae62

1
solr/licenses/junit4-ant-2.0.6.jar.sha1 Normal file
View File

@ -0,0 +1 @@
a882c0bc45fd2dcf8ef2fb1d440f15379619e3d7

1
solr/licenses/randomizedtesting-runner-2.0.5.jar.sha1
View File

@ -1 +0,0 @@
8a5be67e2cb2798850ecf2609115d660d85b98bc

1
solr/licenses/randomizedtesting-runner-2.0.6.jar.sha1 Normal file
View File

@ -0,0 +1 @@
527f551a232c39bf78f4862feb4126ce9cdb02c9

4
solr/test-framework/ivy.xml
View File

@ -32,8 +32,8 @@
<dependency org="org.apache.ant" name="ant" rev="1.8.2" transitive="false" /> <dependency org="org.apache.ant" name="ant" rev="1.8.2" transitive="false" />
<dependency org="junit" name="junit" rev="4.10" transitive="false" conf="default->*;junit4-stdalone->*" /> <dependency org="junit" name="junit" rev="4.10" transitive="false" conf="default->*;junit4-stdalone->*" />
<dependency org="com.carrotsearch.randomizedtesting" name="junit4-ant" rev="2.0.5" transitive="false" conf="default->*;junit4-stdalone->*" /> <dependency org="com.carrotsearch.randomizedtesting" name="junit4-ant" rev="2.0.6" transitive="false" conf="default->*;junit4-stdalone->*" />
<dependency org="com.carrotsearch.randomizedtesting" name="randomizedtesting-runner" rev="2.0.5" transitive="false" conf="default->*;junit4-stdalone->*" /> <dependency org="com.carrotsearch.randomizedtesting" name="randomizedtesting-runner" rev="2.0.6" transitive="false" conf="default->*;junit4-stdalone->*" />
<exclude org="*" ext="*" matcher="regexp" type="${ivy.exclude.types}"/> <exclude org="*" ext="*" matcher="regexp" type="${ivy.exclude.types}"/>
</dependencies> </dependencies>