You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-commits@db.apache.org by dj...@apache.org on 2005/10/13 15:23:35 UTC
svn commit: r320762 - in
/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests:
harness/jvm.java util/copyfiles.ant util/derby_tests.policy
Author: djd
Date: Thu Oct 13 06:22:27 2005
New Revision: 320762
URL: http://svn.apache.org/viewcvs?rev=320762&view=rev
Log:
DERBY-615 Switch to a security manager policy file with permissions set on a per-jar
basis for improved testing under a security manager. First step in running all tests
under a security manager. This policy file replaces the nwsvr.policy file and currently
is used in the same way, for tests that invoke a separate JVM for the network server.
Added:
db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/derby_tests.policy (with props)
Modified:
db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/harness/jvm.java
db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/copyfiles.ant
Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/harness/jvm.java
URL: http://svn.apache.org/viewcvs/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/harness/jvm.java?rev=320762&r1=320761&r2=320762&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/harness/jvm.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/harness/jvm.java Thu Oct 13 06:22:27 2005
@@ -108,7 +108,7 @@
// security defaults relative to WS
// not used if jvmargs serverPolicyFile or serverCodeBase are set
- private static String DEFAULT_POLICY="util/nwsvr.policy";
+ private static String DEFAULT_POLICY="util/derby_tests.policy";
private static String DEFAULT_CODEBASE="/classes";
// constructors
@@ -294,7 +294,7 @@
return wshome;
}
- protected static String findCodeBase()
+ protected static String findCodeBase(boolean[] isJar)
{
String classpath = System.getProperty("java.class.path");
char sep = '/';
@@ -306,11 +306,15 @@
String location = zip[i].getLocation().replace('\\','/');
if (location.indexOf("derbynet.jar") != -1)
{
+ isJar[0] = true;
return location.substring(0,location.lastIndexOf(sep));
}
else if ((location.indexOf("classes") != -1) &&
location.indexOf(".jar") == -1)
+ {
+ isJar[0] = false;
return location;
+ }
}
return null;
}
@@ -333,18 +337,21 @@
}
String serverCodeBase = System.getProperty("serverCodeBase");
+ boolean[] isJar = new boolean[1];
if (serverCodeBase == null)
- serverCodeBase = findCodeBase();
+ serverCodeBase = findCodeBase(isJar);
if (serverCodeBase == null)
{
String ws = guessWSHome();
serverCodeBase = ws + DEFAULT_CODEBASE;
}
+
+ File pf = new File(policyFile);
+ File cb = new File(serverCodeBase);
if (policyFile.toLowerCase().equals("none") ||
- (!(new File(policyFile)).exists()) ||
- !(new File(policyFile)).exists())
+ (!pf.exists()))
{
System.out.println("WARNING: Running without Security manager." +
"serverPolicy(" + policyFile +
@@ -352,12 +359,23 @@
") not available");
return;
}
+
this.D.addElement("java.security.manager");
this.D.addElement("java.security.policy=" + policyFile);
- this.D.addElement("csinfo.codebase=" + serverCodeBase);
+
+ String codebaseType = isJar[0] ? "csinfo.codejar" : "csinfo.codeclasses";
+ String unusedType = isJar[0] ? "csinfo.codeclasses" : "csinfo.codejar";
+
+ // URL of the codebase
+ this.D.addElement(codebaseType + "=" + cb.toURL());
+ // file path to the codebase
+ this.D.addElement("csinfo.codedir=" + cb.getAbsolutePath());
this.D.addElement("csinfo.serverhost=localhost");
this.D.addElement("csinfo.trustedhost=localhost");
-
+
+ // add an invalid path to the unused type
+ this.D.addElement(unusedType + "=file://unused/");
+
}
/** Get the base file name from a resource name string
Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/copyfiles.ant
URL: http://svn.apache.org/viewcvs/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/copyfiles.ant?rev=320762&r1=320761&r2=320762&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/copyfiles.ant (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/copyfiles.ant Thu Oct 13 06:22:27 2005
@@ -1,2 +1,3 @@
nwsvr.policy
+derby_tests.policy
testRoutines.sql
Added: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/derby_tests.policy
URL: http://svn.apache.org/viewcvs/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/derby_tests.policy?rev=320762&view=auto
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/derby_tests.policy (added)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/derby_tests.policy Thu Oct 13 06:22:27 2005
@@ -0,0 +1,118 @@
+//
+// Policy file with minimal set of permissions to run derby's
+// functional tests.
+//
+// The test harness sets up three variables used by this policy file
+//
+// csinfo.codejar - URL to the jar files when they are in the classpath
+// csinfo.codeclasses - URL to the classes directory when it is in the classpath
+//
+// Only one of csinfo.codejar and csinfo.codeclasses will be valid, the
+// other will be set to a bogus URL like file://unused
+//
+// csinfo.codedir - File location of either csinfo.codejar or csinfo.codejar.
+// Only required due to a BUG.
+
+//
+// Permissions for the embedded engine (derby.jar)
+//
+grant codeBase "${csinfo.codejar}derby.jar" {
+ permission java.util.PropertyPermission "derby.*", "read";
+
+ permission java.lang.RuntimePermission "createClassLoader";
+
+ permission java.io.FilePermission "${derby.system.home}${/}derby.properties", "read";
+ permission java.io.FilePermission "${derby.system.home}${/}derby.log", "read, write, delete";
+ permission java.io.FilePermission "${derby.system.home}", "read";
+
+ // all databases under derby.system.home
+ permission java.io.FilePermission "${derby.system.home}${/}-", "read, write, delete";
+
+ // Import/export and other support files from these locations in tests
+ permission java.io.FilePermission "${user.dir}${/}extin${/}*", "read";
+ permission java.io.FilePermission "${user.dir}${/}extinout${/}*", "read, write";
+ permission java.io.FilePermission "${user.dir}${/}extout${/}*", "write";
+
+ // BUG derbynet/sysinfo.java
+ permission java.io.FilePermission "${csinfo.codedir}${/}*", "read";
+
+ // BUG - required for sane=true, checking method signatures
+ // of compiled code - 17 tests fail including derbynet/callable
+ permission java.lang.RuntimePermission "accessDeclaredMembers";
+
+ // sane=true, jdbcapi/secureUsers1.sql
+ permission java.io.FilePermission "${user.dir}${/}CloudLDAP.out", "write";
+
+};
+
+//
+// Permissions for the network server (derbynet.jar)
+//
+grant codeBase "${csinfo.codejar}derbynet.jar" {
+ permission java.net.SocketPermission "127.0.0.1", "accept";
+ permission java.net.SocketPermission "localhost", "accept";
+ permission java.net.SocketPermission "${csinfo.serverhost}", "accept";
+ permission java.net.SocketPermission "${csinfo.trustedhost}", "accept";
+
+ // tracing files - BUG DERBY-613 default location for tracing
+ // file is meant to be ${derby.system.home} but instead is ${user.dir}
+ // Changes DERBY-613 may require modifying this permission.
+ permission java.io.FilePermission "${user.dir}${/}*", "write";
+
+ // BUG derbynet/sysinfo.java
+ permission java.io.FilePermission "${csinfo.codedir}${/}*", "read";
+
+ // BUG DERBY-616 lang/wisconsin.sql & jdbcapi/maxfieldsize.java
+ permission java.io.FilePermission "${derby.system.home}${/}wombat${/}tmp${/}-", "read, write, delete";
+
+ // BUG - sane=true
+ permission java.util.PropertyPermission "derby.monitor.verbose", "read";
+ permission java.util.PropertyPermission "derby.debug.*", "read";
+
+ // BUG - required for sane=true, checking method signatures
+ // of compiled code - 17 tests fail including derbynet/callable
+ permission java.lang.RuntimePermission "accessDeclaredMembers";
+
+};
+
+//
+// super-set of the jar permissions for running out of the classes directory
+//
+grant codeBase "${csinfo.codeclasses}" {
+
+ permission java.util.PropertyPermission "derby.*", "read";
+ permission java.lang.RuntimePermission "createClassLoader";
+
+ permission java.io.FilePermission "${derby.system.home}${/}derby.properties", "read";
+ permission java.io.FilePermission "${derby.system.home}${/}derby.log", "read, write, delete";
+ permission java.io.FilePermission "${derby.system.home}", "read";
+ permission java.io.FilePermission "${derby.system.home}${/}-", "read, write, delete";
+
+ permission java.net.SocketPermission "127.0.0.1", "accept";
+ permission java.net.SocketPermission "localhost", "accept";
+ permission java.net.SocketPermission "${csinfo.serverhost}", "accept";
+ permission java.net.SocketPermission "${csinfo.trustedhost}", "accept";
+
+ // tracing files - BUG DERBY-613 default location for tracing
+ // file is meant to be ${derby.system.home} but instead is ${user.dir}
+ // Changes DERBY-613 may require modifying this permission.
+ permission java.io.FilePermission "${user.dir}${/}*", "write";
+
+ // Import/export and other support files from these locations in tests
+ permission java.io.FilePermission "${user.dir}${/}extin${/}*", "read";
+ permission java.io.FilePermission "${user.dir}${/}extinout${/}*", "read, write";
+ permission java.io.FilePermission "${user.dir}${/}extout${/}*", "write";
+
+ // BUG - required for sane=true, checking method signatures
+ // of compiled code - 17 tests fail including derbynet/callable
+ permission java.lang.RuntimePermission "accessDeclaredMembers";
+};
+
+// grant to all code, really don't want a section like this
+// remove once the bug is fixed. This is because it will grant
+// permissions to the generated code as well.
+grant {
+ // BUG - required for sane=true, checking method signatures
+ // of compiled code
+ permission java.lang.RuntimePermission "accessDeclaredMembers";
+};
Propchange: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/derby_tests.policy
------------------------------------------------------------------------------
svn:eol-style = native
Re: svn commit: r320762 - in /db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests:
harness/jvm.java util/copyfiles.ant util/derby_tests.policy
Posted by Daniel John Debrunner <dj...@debrunners.com>.
djd@apache.org wrote:
> Author: djd
> Date: Thu Oct 13 06:22:27 2005
> New Revision: 320762
>
> URL: http://svn.apache.org/viewcvs?rev=320762&view=rev
> Log:
> DERBY-615 Switch to a security manager policy file with permissions set on a per-jar
> basis for improved testing under a security manager. First step in running all tests
> under a security manager. This policy file replaces the nwsvr.policy file and currently
> is used in the same way, for tests that invoke a separate JVM for the network server.
This is the first step in getting all (most of) the tests to run under a
security manager. Only the policy file changed, the number of tests
being run under a security manager remains unchanged. I tested with all
the four combinations of insane/sane and jars/classes. If anyone sees
issues with the change please e-mail the list and I will resolve them.
http://wiki.apache.org/db-derby/SecurityManagerTesting
Thanks,
Dan.