You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lucene.apache.org by "Dawid Weiss (JIRA)" <ji...@apache.org> on 2014/05/22 08:08:38 UTC
[jira] [Commented] (LUCENE-5650) Enforce read-only access to any
path outside the temporary folder via security manager
[ https://issues.apache.org/jira/browse/LUCENE-5650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14005649#comment-14005649 ]
Dawid Weiss commented on LUCENE-5650:
-------------------------------------
I'm merging with the trunk right now. Will commit in a moment.
> Enforce read-only access to any path outside the temporary folder via security manager
> --------------------------------------------------------------------------------------
>
> Key: LUCENE-5650
> URL: https://issues.apache.org/jira/browse/LUCENE-5650
> Project: Lucene - Core
> Issue Type: Improvement
> Components: general/test
> Reporter: Ryan Ernst
> Assignee: Dawid Weiss
> Priority: Minor
> Fix For: 4.9, 5.0
>
> Attachments: LUCENE-5650.patch, LUCENE-5650.patch, LUCENE-5650.patch, LUCENE-5650.patch, dih.patch
>
>
> The recent refactoring to all the create temp file/dir functions (which is great!) has a minor regression from what existed before. With the old {{LuceneTestCase.TEMP_DIR}}, the directory was created if it did not exist. So, if you set {{java.io.tmpdir}} to {{"./temp"}}, then it would create that dir within the per jvm working dir. However, {{getBaseTempDirForClass()}} now does asserts that check the dir exists, is a dir, and is writeable.
> Lucene uses {{"."}} as {{java.io.tmpdir}}. Then in the test security manager, the per jvm cwd has read/write/execute permissions. However, this allows tests to write to their cwd, which I'm trying to protect against (by setting cwd to read/execute in my test security manager).
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org