[
https://issues.apache.org/jira/browse/LUCENE-6542?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14603872#comment-14603872
]
Trejkaz commented on LUCENE-6542:
---------------------------------
It works something like this:
{code:java}
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import java.io.FilePermission;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.Permission;
import java.security.Permissions;
import static org.hamcrest.Matchers.is;
import static org.junit.Assert.assertThat;
import static org.junit.Assert.fail;
public class TestSecurity {
private Path file;
private SecurityManager oldSecurityManager;
@Test
public void test() {
assertThat(Files.isReadable(file), is(true));
try {
Files.isWritable(file);
fail("Expected SecurityException");
} catch (SecurityException e) {
// Expected
}
}
@Before
public void setUp() throws Exception {
file = Files.createTempFile("temp", ".dat");
assertThat(Files.isReadable(file), is(true));
assertThat(Files.isWritable(file), is(true));
oldSecurityManager = System.getSecurityManager();
System.setSecurityManager(new CustomSecurityManager());
}
@After
public void tearDown() {
System.setSecurityManager(oldSecurityManager);
}
private static class CustomSecurityManager extends SecurityManager {
Permissions permitted = new Permissions();
private CustomSecurityManager() {
permitted.add(new RuntimePermission("setSecurityManager"));
permitted.add(new FilePermission("<<ALL FILES>>", "read"));
}
@Override
public void checkPermission(Permission permission) {
if (!permitted.implies(permission)) {
// let super's implementation throw the AccessControlException
super.checkPermission(permission);
}
}
}
}
{code}
> FSDirectory throws AccessControlException unless you grant write access to
> the index
> ------------------------------------------------------------------------------------
>
> Key: LUCENE-6542
> URL: https://issues.apache.org/jira/browse/LUCENE-6542
> Project: Lucene - Core
> Issue Type: Bug
> Components: core/store
> Affects Versions: 5.1
> Reporter: Trejkaz
> Labels: regression
> Attachments: patch.txt
>
>
> Hit this during my attempted upgrade to Lucene 5.1.0. (Yeah, I know 5.2.0 is
> out, and we'll be using that in production anyway, but the merge takes time.)
> Various tests of ours test Directory stuff against methods which the security
> policy won't allow tests to write to. Changes in FSDirectory mean that it now
> demands write access to the directory. 4.10.4 permitted read-only access.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
