Merge pull request elastic/elasticsearch#1001 from rmuir/lock_down_system_property_writes
Ban write access to system properties Original commit: elastic/x-pack-elasticsearch@919cf17b14
This commit is contained in:
commit
82d9247efe
|
@ -5,6 +5,7 @@
|
|||
*/
|
||||
package org.elasticsearch.shield;
|
||||
|
||||
import org.elasticsearch.SpecialPermission;
|
||||
import org.elasticsearch.action.ActionModule;
|
||||
import org.elasticsearch.client.Client;
|
||||
import org.elasticsearch.client.support.Headers;
|
||||
|
@ -53,6 +54,8 @@ import org.elasticsearch.transport.TransportModule;
|
|||
import java.io.Closeable;
|
||||
import java.nio.file.Path;
|
||||
import java.util.*;
|
||||
import java.security.AccessController;
|
||||
import java.security.PrivilegedAction;
|
||||
|
||||
/**
|
||||
*
|
||||
|
@ -71,6 +74,35 @@ public class ShieldPlugin extends Plugin {
|
|||
private final boolean clientMode;
|
||||
private ShieldLicenseState shieldLicenseState;
|
||||
|
||||
// TODO: clean up this library to not ask for write access to all system properties!
|
||||
static {
|
||||
// invoke this clinit in unbound with permissions to access all system properties
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null) {
|
||||
sm.checkPermission(new SpecialPermission());
|
||||
}
|
||||
try {
|
||||
AccessController.doPrivileged(new PrivilegedAction<Void>() {
|
||||
@Override
|
||||
public Void run() {
|
||||
try {
|
||||
Class.forName("com.unboundid.util.Debug");
|
||||
} catch (ClassNotFoundException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
return null;
|
||||
}
|
||||
});
|
||||
// TODO: fix gradle to add all shield resources (plugin metadata) to test classpath
|
||||
// of watcher plugin, which depends on it directly. This prevents these plugins
|
||||
// from being initialized correctly by the test framework, and means we have to
|
||||
// have this leniency.
|
||||
} catch (ExceptionInInitializerError bogus) {
|
||||
if (bogus.getCause() instanceof SecurityException == false) {
|
||||
throw bogus; // some other bug
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public ShieldPlugin(Settings settings) {
|
||||
this.settings = settings;
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
grant {
|
||||
// needed because of problems in unbound LDAP library
|
||||
permission java.util.PropertyPermission "*", "read,write";
|
||||
};
|
|
@ -7,6 +7,7 @@ package org.elasticsearch.watcher;
|
|||
|
||||
import org.elasticsearch.Version;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.SuppressForbidden;
|
||||
import org.elasticsearch.license.plugin.LicensePlugin;
|
||||
import org.elasticsearch.node.MockNode;
|
||||
import org.elasticsearch.node.Node;
|
||||
|
@ -23,6 +24,7 @@ import java.util.concurrent.CountDownLatch;
|
|||
*/
|
||||
public class WatcherF {
|
||||
|
||||
@SuppressForbidden(reason = "not really code or a test")
|
||||
public static void main(String[] args) throws Throwable {
|
||||
Settings.Builder settings = Settings.builder();
|
||||
settings.put("http.cors.enabled", "true");
|
||||
|
|
|
@ -13,6 +13,7 @@ import org.elasticsearch.action.search.SearchRequest;
|
|||
import org.elasticsearch.action.search.SearchResponse;
|
||||
import org.elasticsearch.client.Client;
|
||||
import org.elasticsearch.common.Strings;
|
||||
import org.elasticsearch.common.SuppressForbidden;
|
||||
import org.elasticsearch.common.metrics.MeanMetric;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.unit.ByteSizeValue;
|
||||
|
@ -63,6 +64,7 @@ public class WatcherScheduleEngineBenchmark {
|
|||
.put("http.cors.enabled", true)
|
||||
.build();
|
||||
|
||||
@SuppressForbidden(reason = "not really code or a test")
|
||||
public static void main(String[] args) throws Exception {
|
||||
System.setProperty("es.logger.prefix", "");
|
||||
|
||||
|
|
Loading…
Reference in New Issue