From 9d6b1382e741e392f69834239f15435f59f3f475 Mon Sep 17 00:00:00 2001
From: Robert Muir <rmuir@apache.org>
Date: Tue, 21 Apr 2015 19:02:14 -0400
Subject: [PATCH 1/2] Fix JVM isolation in tests.

Currently security manager would allow for one JVM to muck
with the files (read, write, AND delete) of another JVM.

This is unnecessary.
---
 dev-tools/tests.policy | 4 +++-
 pom.xml                | 3 +--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/dev-tools/tests.policy b/dev-tools/tests.policy
index a394d5cb74d..940e5badc3b 100644
--- a/dev-tools/tests.policy
+++ b/dev-tools/tests.policy
@@ -32,9 +32,11 @@ grant {
   permission java.io.FilePermission "${m2.repository}${/}-", "read";
   // system jar resources
   permission java.io.FilePermission "${java.home}${/}-", "read";
+  // per-jvm directory
   permission java.io.FilePermission "${junit4.childvm.cwd}${/}temp", "read,write";
   permission java.io.FilePermission "${junit4.childvm.cwd}${/}temp${/}-", "read,write,delete";
-  permission java.io.FilePermission "${junit4.tempDir}${/}*", "read,write,delete";
+  //permission java.io.FilePermission "${junit4.tempDir}${/}*", "read,write,delete";
+
   permission java.nio.file.LinkPermission "symbolic";
   permission groovy.security.GroovyCodeSourcePermission "/groovy/script";
 
diff --git a/pom.xml b/pom.xml
index b7aec47c07a..772d7ef6578 100644
--- a/pom.xml
+++ b/pom.xml
@@ -627,8 +627,7 @@
                                 <tests.security.manager>${tests.security.manager}</tests.security.manager>
                                 <tests.compatibility>${tests.compatibility}</tests.compatibility>
                                 <java.awt.headless>true</java.awt.headless>
-                                <!-- everything below is for security manager / test.policy -->
-                                <junit4.tempDir>${project.build.directory}</junit4.tempDir>
+                                <!-- security manager / test.policy -->
                                 <java.security.policy>${basedir}/dev-tools/tests.policy</java.security.policy>
                             </systemProperties>
                         </configuration>

From 69718916df7c28a5bb5d6c43703699e80b67784c Mon Sep 17 00:00:00 2001
From: Robert Muir <rmuir@apache.org>
Date: Tue, 21 Apr 2015 19:04:56 -0400
Subject: [PATCH 2/2] actually remove this line rather than comment it out.
 tsts pass

---
 dev-tools/tests.policy | 1 -
 1 file changed, 1 deletion(-)

diff --git a/dev-tools/tests.policy b/dev-tools/tests.policy
index 940e5badc3b..724f001e422 100644
--- a/dev-tools/tests.policy
+++ b/dev-tools/tests.policy
@@ -35,7 +35,6 @@ grant {
   // per-jvm directory
   permission java.io.FilePermission "${junit4.childvm.cwd}${/}temp", "read,write";
   permission java.io.FilePermission "${junit4.childvm.cwd}${/}temp${/}-", "read,write,delete";
-  //permission java.io.FilePermission "${junit4.tempDir}${/}*", "read,write,delete";
 
   permission java.nio.file.LinkPermission "symbolic";
   permission groovy.security.GroovyCodeSourcePermission "/groovy/script";