mirror of https://github.com/apache/lucene.git
e77027dd8c
The solr permissions are weak sauce due to the huge number of features, third-party dependencies, etc. Hence they have access to do many things. For "scripting" such as velocity we have to look at a more aggressive stance: Step 1: Can we wrap a sandbox around the whole goddamn thing and call it a day? Step 2: Let's separate the "engine" from "untrusted code" and only be an asshole to the latter. Step 3: Java's security is shit, Lets contain that classloader and whitelist access. |
||
|---|---|---|
| .. | ||
| src | ||
| build.xml | ||
| ivy.xml | ||