really get groovy indy working

2015-09-15 14:14:44 -04:00 · 2015-09-15 14:14:44 -04:00 · ffe50d5021
parent 3e626d0dd8
commit ffe50d5021
2 changed files with 39 additions and 8 deletions
--- a/core/src/main/java/org/elasticsearch/bootstrap/ESPolicy.java
+++ b/core/src/main/java/org/elasticsearch/bootstrap/ESPolicy.java
@ -37,19 +37,19 @@ final class ESPolicy extends Policy {
    
    /** template policy file, the one used in tests */
    static final String POLICY_RESOURCE = "security.policy";
+    /** limited policy for groovy scripts */
+    static final String GROOVY_RESOURCE = "groovy.policy";
    
    final Policy template;
+    final Policy groovy;
    final PermissionCollection dynamic;
-    final PermissionCollection groovy;

    public ESPolicy(PermissionCollection dynamic) throws Exception {
-        URI uri = getClass().getResource(POLICY_RESOURCE).toURI();
-        this.template = Policy.getInstance("JavaPolicy", new URIParameter(uri));
+        URI policyUri = getClass().getResource(POLICY_RESOURCE).toURI();
+        URI groovyUri = getClass().getResource(GROOVY_RESOURCE).toURI();
+        this.template = Policy.getInstance("JavaPolicy", new URIParameter(policyUri));
+        this.groovy = Policy.getInstance("JavaPolicy", new URIParameter(groovyUri));
        this.dynamic = dynamic;
-        this.groovy = new Permissions();
-        // groovy IndyInterface bootstrap requires this property
-        groovy.add(new PropertyPermission("groovy.indy.logging", "read"));
-        groovy.setReadOnly();
    }

    @Override @SuppressForbidden(reason = "fast equals check is desired")
@ -63,7 +63,7 @@ final class ESPolicy extends Policy {
            if (location != null) {
                // run groovy scripts with no permissions (except logging property)
                if ("/groovy/script".equals(location.getFile())) {
-                    return groovy.implies(permission);
+                    return groovy.implies(domain, permission);
                }
            }
        }
--- a/core/src/main/resources/org/elasticsearch/bootstrap/groovy.policy
+++ b/core/src/main/resources/org/elasticsearch/bootstrap/groovy.policy
@ -0,0 +1,31 @@
+/*
+ * Licensed to Elasticsearch under one or more contributor
+ * license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright
+ * ownership. Elasticsearch licenses this file to you under
+ * the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+ 
+/*
+ * Limited security policy for groovy scripts.
+ * This is what is needed for its invokeDynamic functionality to work.
+ */
+grant {
+  
+  // groovy IndyInterface bootstrap requires this property for indy logging
+  permission java.util.PropertyPermission "groovy.indy.logging", "read";
+  
+  // needed IndyInterface selectMethod (setCallSiteTarget)
+  permission java.lang.RuntimePermission "getClassLoader";
+};