You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by rm...@apache.org on 2019/12/03 01:34:53 UTC
[lucene-solr] branch master updated: SOLR-13991: clean up
permissions in solr-tests.policy AKA break all the tests to hell,
please ping the issue for repeated test failures
This is an automated email from the ASF dual-hosted git repository.
rmuir pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/lucene-solr.git
The following commit(s) were added to refs/heads/master by this push:
new aebf7f7 SOLR-13991: clean up permissions in solr-tests.policy AKA break all the tests to hell, please ping the issue for repeated test failures
aebf7f7 is described below
commit aebf7f7a463329879123b6436dd711e62d3f6d37
Author: Robert Muir <rm...@apache.org>
AuthorDate: Mon Dec 2 20:34:01 2019 -0500
SOLR-13991: clean up permissions in solr-tests.policy AKA break all the tests to hell, please ping the issue for repeated test failures
---
lucene/tools/junit4/solr-tests.policy | 97 ++++++++++++++++++++++++++++-------
1 file changed, 79 insertions(+), 18 deletions(-)
diff --git a/lucene/tools/junit4/solr-tests.policy b/lucene/tools/junit4/solr-tests.policy
index 82ed0bf..8140ddb 100644
--- a/lucene/tools/junit4/solr-tests.policy
+++ b/lucene/tools/junit4/solr-tests.policy
@@ -15,13 +15,7 @@
* limitations under the License.
*/
-// Policy file to prevent tests from writing outside the test sandbox directory
-// (must be given as a sysprop: tests.sandbox.dir)
-// This policy also disallows stuff like listening on network ports of interfaces
-// different than 127.0.0.1.
-
-// PLEASE NOTE: You may need to enable other permissions when new tests are added,
-// everything not allowed here is forbidden!
+// Policy file for solr tests. Please keep minimal and avoid wildcards.
grant {
// permissions for file access, write access only to sandbox:
@@ -45,27 +39,94 @@ grant {
// Basic permissions needed for Lucene to work:
permission java.util.PropertyPermission "*", "read,write";
- permission java.lang.reflect.ReflectPermission "*";
- permission java.lang.RuntimePermission "*";
+
+ // needed by gson serialization of junit4 runner: TODO clean that up
+ permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+ permission java.lang.RuntimePermission "accessDeclaredMembers";
+ // needed by junit4 runner to capture sysout/syserr:
+ permission java.lang.RuntimePermission "setIO";
+ // needed by randomized runner to catch failures from other threads:
+ permission java.lang.RuntimePermission "setDefaultUncaughtExceptionHandler";
+ // needed by randomized runner getTopThreadGroup:
+ permission java.lang.RuntimePermission "modifyThreadGroup";
+ // needed by tests e.g. shutting down executors:
+ permission java.lang.RuntimePermission "modifyThread";
+ // needed for tons of test hacks etc
+ permission java.lang.RuntimePermission "getStackTrace";
+ // needed for mock filesystems in tests
+ permission java.lang.RuntimePermission "fileSystemProvider";
+ // needed for test of IOUtils.spins (maybe it can be avoided)
+ permission java.lang.RuntimePermission "getFileStoreAttributes";
+ // analyzers/uima: needed by lucene expressions' JavascriptCompiler
+ permission java.lang.RuntimePermission "createClassLoader";
+ // needed to test unmap hack on platforms that support it
+ permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
+ // needed by jacoco to dump coverage
+ permission java.lang.RuntimePermission "shutdownHooks";
+ // needed by org.apache.logging.log4j
+ permission java.lang.RuntimePermission "getenv.*";
+ permission java.lang.RuntimePermission "getClassLoader";
+ permission java.lang.RuntimePermission "setContextClassLoader";
+ permission java.lang.RuntimePermission "getStackWalkerWithClassReference";
+ // needed by bytebuddy
+ permission java.lang.RuntimePermission "defineClass";
+ // needed by mockito
+ permission java.lang.RuntimePermission "accessClassInPackage.sun.reflect";
+ permission java.lang.RuntimePermission "reflectionFactoryAccess";
+ // needed by SolrResourceLoader
+ permission java.lang.RuntimePermission "closeClassLoader";
+ // needed by HttpSolrClient
+ permission java.lang.RuntimePermission "getFileSystemAttributes";
+ // needed by hadoop auth (TODO: there is a cleaner way to handle this)
+ permission java.lang.RuntimePermission "loadLibrary.jaas";
+ // needed by hadoop hdfs
+ permission java.lang.RuntimePermission "readFileDescriptor";
+ permission java.lang.RuntimePermission "writeFileDescriptor";
+ // needed by hadoop http
+ permission java.lang.RuntimePermission "getProtectionDomain";
// These two *have* to be spelled out a separate
permission java.lang.management.ManagementPermission "control";
permission java.lang.management.ManagementPermission "monitor";
- // Solr needs those:
- permission java.net.NetPermission "*";
- permission java.sql.SQLPermission "*";
+ // needed by hadoop htrace
+ permission java.net.NetPermission "getNetworkInformation";
+
+ // needed by DIH
+ permission java.sql.SQLPermission "deregisterDriver";
+
permission java.util.logging.LoggingPermission "control";
- permission javax.management.MBeanPermission "*", "*";
- permission javax.management.MBeanServerPermission "*";
- permission javax.management.MBeanTrustPermission "*";
- permission javax.security.auth.AuthPermission "*";
+
+ // needed by solr mbeans feature/tests
+ // TODO: can we remove wildcard for class names/members?
+ permission javax.management.MBeanPermission "*", "getAttribute";
+ permission javax.management.MBeanPermission "*", "getMBeanInfo";
+ permission javax.management.MBeanPermission "*", "queryMBeans";
+ permission javax.management.MBeanPermission "*", "queryNames";
+ permission javax.management.MBeanPermission "*", "registerMBean";
+ permission javax.management.MBeanPermission "*", "unregisterMBean";
+ permission javax.management.MBeanServerPermission "createMBeanServer";
+ permission javax.management.MBeanServerPermission "findMBeanServer";
+ permission javax.management.MBeanServerPermission "releaseMBeanServer";
+ permission javax.management.MBeanTrustPermission "register";
+
+ // needed by hadoop auth
+ permission javax.security.auth.AuthPermission "getSubject";
+ permission javax.security.auth.AuthPermission "modifyPrincipals";
+ permission javax.security.auth.AuthPermission "doAs";
+ permission javax.security.auth.AuthPermission "getLoginConfiguration";
+ permission javax.security.auth.AuthPermission "setLoginConfiguration";
+ permission javax.security.auth.AuthPermission "modifyPrivateCredentials";
permission javax.security.auth.PrivateCredentialPermission "org.apache.hadoop.security.Credentials * \"*\"", "read";
- permission java.security.SecurityPermission "*";
+
+ // needed by hadoop security
+ permission java.security.SecurityPermission "putProviderProperty.SaslPlainServer";
+ permission java.security.SecurityPermission "insertProvider";
+
permission javax.xml.bind.JAXBPermission "setDatatypeConverter";
// SSL related properties for Solr tests
- permission javax.net.ssl.SSLPermission "*";
+ permission javax.net.ssl.SSLPermission "setDefaultSSLContext";
// SASL/Kerberos related properties for Solr tests
permission javax.security.auth.PrivateCredentialPermission "javax.security.auth.kerberos.KerberosTicket * \"*\"", "read";