You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lucene.apache.org by "Rick Hillegas (JIRA)" <ji...@apache.org> on 2014/03/01 22:57:19 UTC

[jira] [Updated] (LUCENE-5471) Classloader issues when running Lucene under a java SecurityManager

     [ https://issues.apache.org/jira/browse/LUCENE-5471?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Rick Hillegas updated LUCENE-5471:
----------------------------------

    Attachment: SecureLucene.java

Attaching a third version of SecureLucene.java. I have wrapped a privilege block around the application's Lucene calls and pruned some more permissions. This significantly reduces the attack surface.

At this point, I do not need to grant Lucene any runtime or reflection permissions and I do not need to grant Lucene read access to all of the files in the file system. I do not need to grant the application read access to all files in the file system, either. It turns out that Codec loading simply depends on the ability to read the Lucene core jar file.

Here are the reduced permissions which I need to grant:

grant codeBase "file:/Users/rh161140/derby/derby-590/trunk/tools/java/lucene-core-4.5.0.jar"
{
  // permissions for file access, write access only to sandbox:
  permission java.io.FilePermission "/Users/rh161140/derby/derby-590/luceneTest", "read,write,delete";
  permission java.io.FilePermission "/Users/rh161140/derby/derby-590/luceneTest/-", "read,write,delete";
  
  // Basic permissions needed for Lucene to work:
  permission java.util.PropertyPermission "user.dir", "read";
  permission java.util.PropertyPermission "sun.arch.data.model", "read";
};

grant codeBase "file:/Users/rh161140/src/"
{
  // permissions for file access, write access only to sandbox:
  permission java.io.FilePermission "/Users/rh161140/derby/derby-590/trunk/tools/java/lucene-core-4.5.0.jar", "read";
  permission java.io.FilePermission "/Users/rh161140/derby/derby-590/luceneTest", "read,write";
  permission java.io.FilePermission "/Users/rh161140/derby/derby-590/luceneTest/-", "read,write,delete";
  
  // Basic permissions needed for Lucene to work:
  permission java.util.PropertyPermission "user.dir", "read";
  permission java.util.PropertyPermission "sun.arch.data.model", "read";
};


> Classloader issues when running Lucene under a java SecurityManager
> -------------------------------------------------------------------
>
>                 Key: LUCENE-5471
>                 URL: https://issues.apache.org/jira/browse/LUCENE-5471
>             Project: Lucene - Core
>          Issue Type: Bug
>    Affects Versions: 4.5
>            Reporter: Rick Hillegas
>         Attachments: SecureLucene.java, SecureLucene.java
>
>
> I see the following error when I run Lucene 4.5.0 under a java SecurityManager. I will attach a test program which shows this problem. The program works fine when a SecurityManager is not installed. But the program fails when I install a SecurityManager. Even more puzzling, the program works if I first run it without a SecurityManager, then install a SecurityManager, then re-run the program, all within the lifetime of a single JVM. I would appreciate advice about how to work around this problem:
> Exception in thread "main" java.lang.ExceptionInInitializerError
> 	at org.apache.lucene.index.LiveIndexWriterConfig.<init>(LiveIndexWriterConfig.java:122)
> 	at org.apache.lucene.index.IndexWriterConfig.<init>(IndexWriterConfig.java:165)
> 	at SecureLucene$1.run(SecureLucene.java:129)
> 	at SecureLucene$1.run(SecureLucene.java:122)
> 	at java.security.AccessController.doPrivileged(Native Method)
> 	at SecureLucene.getIndexWriter(SecureLucene.java:120)
> 	at SecureLucene.runTest(SecureLucene.java:72)
> 	at SecureLucene.main(SecureLucene.java:52)
> Caused by: java.lang.IllegalArgumentException: A SPI class of type org.apache.lucene.codecs.Codec with name 'Lucene45' does not exist. You need to add the corresponding JAR file supporting this SPI to your classpath.The current classpath supports the following names: []
> 	at org.apache.lucene.util.NamedSPILoader.lookup(NamedSPILoader.java:109)
> 	at org.apache.lucene.codecs.Codec.forName(Codec.java:95)
> 	at org.apache.lucene.codecs.Codec.<clinit>(Codec.java:122)
> 	... 8 more



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org