[ https://issues.apache.org/jira/browse/LUCENE-6238?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14341710#comment-14341710 ]

Dawid Weiss commented on LUCENE-6238:
-------------------------------------

I admit I am not a big fan of Java's security architecture... and I never 
mastered writing those policy files. I will fix that call to retrieve all 
properties, but it is actually a legitimate and valid use case, not something 
that is a "bug" or a shitty piece of code. The reason for enumerating all 
system properties and putting them in an XML report (which isn't obligatory, by 
the way) is that by default both Ant and Maven's JUnit runners produce such a 
map and many tools (Jenkins, Bamboo) consume those properties.

I don't see any other way of enumerating all system properties with a "read 
only" access other than by calling System.getProperties().

My "fix" will be to ignore any security exception thrown there and just return 
an empty map of properties. This said, I think that the policy file should be 
written so that it selectively gives more privileges to the test runner's code, 
for example by explicitly restricting them to a location as shown here:

http://docs.oracle.com/javase/7/docs/technotes/guides/security/PolicyFiles.html#PropertyExp

{code}
grant codeBase "${randomizedrunner.jar}" {
    permission ...;
    permission ...;
};
{code}

There may still be problems with proper security context passing, etc.

> minimize tests.policy
> ---------------------
>
>                 Key: LUCENE-6238
>                 URL: https://issues.apache.org/jira/browse/LUCENE-6238
>             Project: Lucene - Core
>          Issue Type: Bug
>            Reporter: Robert Muir
>             Fix For: Trunk, 5.1
>
>         Attachments: LUCENE-6238-mmap.patch, LUCENE-6238.patch, 
> LUCENE-6238.patch
>
>
> This is overly permissive:
> {noformat}
>   // Basic permissions needed for Lucene to work:
>   permission java.util.PropertyPermission "*", "read,write";
>   permission java.lang.reflect.ReflectPermission "*";
>   permission java.lang.RuntimePermission "*";
> {noformat}
> Because of various BS like unsafe-hacks (only mmap seems to do it properly), 
> this means effectively you cannot use Lucene with SM today, without allowing 
> SM itself to just be disabled with reflection. 
> This is easy to fix.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
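
The fallback described in the comment above, as an added example that is not RandomizedRunner's or Lucene's code: enumerate all system properties and return an empty map when the policy denies it, with a per-key variant that goes beyond the comment and needs only "read" on the named keys. The class name, method names and SELECTED_KEYS list are hypothetical.

```java
import java.util.Collections;
import java.util.Map;
import java.util.Properties;
import java.util.TreeMap;

public class SafeSystemProperties {
    // Hypothetical key list for the per-key variant; not taken from any project.
    private static final String[] SELECTED_KEYS = {
        "java.version", "java.vendor", "os.name", "os.arch", "file.encoding"
    };

    /** All system properties, or an empty map when the policy denies enumeration. */
    public static Map<String, String> snapshotAll() {
        try {
            // Under a SecurityManager this call checks
            // PropertyPermission "*", "read,write", even though we only read.
            Properties props = System.getProperties();
            Map<String, String> copy = new TreeMap<>();
            for (String name : props.stringPropertyNames()) {
                copy.put(name, props.getProperty(name));
            }
            return Collections.unmodifiableMap(copy);
        } catch (SecurityException denied) {
            return Collections.emptyMap();
        }
    }

    /** Per-key reads: each needs only PropertyPermission "<key>", "read". */
    public static Map<String, String> snapshotSelected() {
        Map<String, String> copy = new TreeMap<>();
        for (String key : SELECTED_KEYS) {
            try {
                String value = System.getProperty(key);
                if (value != null) {
                    copy.put(key, value);
                }
            } catch (SecurityException denied) {
                // Key not readable under the current policy: leave it out.
            }
        }
        return Collections.unmodifiableMap(copy);
    }

    public static void main(String[] args) {
        System.out.println("all: " + snapshotAll().size() + " properties");
        System.out.println("selected: " + snapshotSelected());
    }
}
```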
