[ https://issues.apache.org/jira/browse/LUCENE-4352?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13447246#comment-13447246 ]
Uwe Schindler commented on LUCENE-4352: --------------------------------------- The thing we can do is to explicitely all actions for RuntimePermission and leave out exit(): http://docs.oracle.com/javase/6/docs/api/java/lang/RuntimePermission.html Unfortunately this confuses me: 'This allows an attacker to mount a denial-of-service attack by automatically forcing the virtual machine to halt. Note: The "exitVM.*" permission is automatically granted to all code loaded from the application class path, thus enabling applications to terminate themselves. Also, the "exitVM" permission is equivalent to "exitVM.*".' So this appears to me that exiting is always possible from classes that are inside the application ClassLoader (passed via -classpath to JVM). We could only forbid it, if Solr would load ZooKeeper in a separate ClassLoader. I have to try this out. The second problem is that policy files only allow "grants" not "deny", so if you grant RuntimePermission.* (as it is currently) you cannot explicitely forbid it for one code part. You have to do it vice versa: Disallow it for all (by having the long list of RuntimePermissions instead of "*") and only allow it for one classloader. > only the test runner should be able to System.exit > -------------------------------------------------- > > Key: LUCENE-4352 > URL: https://issues.apache.org/jira/browse/LUCENE-4352 > Project: Lucene - Core > Issue Type: Bug > Reporter: Robert Muir > > All others should get SecurityException -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org