You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@stanbol.apache.org by Rupert Westenthaler <ru...@gmail.com> on 2013/01/04 12:00:05 UTC

Add permission for creating temporary files to the anonymous user

Hi Reto, all

WDYT about adding the permission to the anonymous user to create
temporary files. This would solve STANBOL-865 [1] and resolve the
security related issue the TikaEngine is encounting from time to time
(e.g. in the Jenkins build #1200).

best
Rupert


[1] https://issues.apache.org/jira/browse/STANBOL-865

--
| Rupert Westenthaler             rupert.westenthaler@gmail.com
| Bodenlehenstraße 11                             ++43-699-11108907
| A-5500 Bischofshofen

Re: Add permission for creating temporary files to the anonymous user

Posted by Reto Bachmann-Gmür <re...@apache.org>.

Hi Gabriel

Doing the access of the temporary files as privileged would solve the
problem. If its in an external module then the invocation of the module's
method would have to be done in such a section.

I think the idea behind adding this as a default permission is to spare the
developer from having to write too many privileged sections.

Cheers,
Reto

On Thu, Jan 10, 2013 at 12:07 PM, Gabriel Vince
<ga...@apogado.com>wrote:

> Hello Reto,
>
> just an idea - for this critical block (reading the RDF file), can use
> use a PrivilegedAction? Seems then you can do almost anything. Or I am
> mistaken and you call an external module (untrusted code) there?
>
> Best regards
>                 Gabriel
>
>
>
> On Thu, Jan 10, 2013 at 11:58 AM, Reto Bachmann-Gmür <re...@wymiwyg.com>
> wrote:
> > Hi rupert,
> >
> > The default permission are set in the default system graph provided by
> > clerezza's platform.config. As there's just na RDF file there we couldn't
> > make the permssion depend on the value of a system property. I think the
> > easiesiest would be to add that permission ist stanbol's security.core.
> > Question is how to add this in a way, so that if it gets manually removed
> > it's not re-added when the system is started next.
> >
> > Cheers,
> > Reto
> >
> > On Wed, Jan 9, 2013 at 10:53 PM, Rupert Westenthaler <
> > rupert.westenthaler@gmail.com> wrote:
> >
> >> Hi Reto,
> >>
> >> actually I was looking into that earlier today, but I was not able to
> >> find something specific. The only thing I was able to come up was to
> >> get the directory of the temp directory from the System properties and
> >> than set a normal FilePermission. Because of that I adapted the
> >> TikaEngine to call the parser within an
> >> "AccessController.doPrivileged(..)" block (see [1]). This solves
> >> STANBOL-865 but I think it would be still a good idea to enable
> >> temporary file creation for the default user.
> >>
> >> BTW:
> >>
> >> * I would be interested to know where to set such permissions. I was
> >> looking at the Launchpad, where the SecurityManager is set, but after
> >> looking at the code I came to the conclusion that this is the wrong
> >> place to look.
> >>
> >> * On Monday I had a look at the logs of the dev.iks-project.eu:8081
> >> server and I found a lot of SecurityExceptions. It looked like as if
> >> all EnhancementEngines that connect to remote services (such as
> >> dbpedia spotlight, celi, geonames, zemanta, open calais) do not work.
> >> Integration-Tests are not affected by this as they run in offline mode
> >> and therefore do not include tests for Engines that connect to remote
> >> services. If I find some time I will try to test all those engines and
> >> create the according JIRA issues.
> >>
> >> best
> >> Rupert
> >>
> >> [1] http://svn.apache.org/viewvc?rev=1430813&view=rev
> >>
> >> On Wed, Jan 9, 2013 at 10:41 PM, Reto Bachmann-Gmür <re...@apache.org>
> >> wrote:
> >> > Hi Rupert
> >> >
> >> > Do you know what permission would have to be added? A specific
> permission
> >> > allowing to write temporary files and to read only those wouldn't be a
> >> > security risk (DOS can be implemented more efficiently by other
> means).
> >> >
> >> > Cheers,
> >> > Reto
> >> > On Jan 4, 2013 12:00 PM, "Rupert Westenthaler" <
> >> > rupert.westenthaler@gmail.com> wrote:
> >> >
> >> >> Hi Reto, all
> >> >>
> >> >> WDYT about adding the permission to the anonymous user to create
> >> >> temporary files. This would solve STANBOL-865 [1] and resolve the
> >> >> security related issue the TikaEngine is encounting from time to time
> >> >> (e.g. in the Jenkins build #1200).
> >> >>
> >> >> best
> >> >> Rupert
> >> >>
> >> >>
> >> >> [1] https://issues.apache.org/jira/browse/STANBOL-865
> >> >>
> >> >> --
> >> >> | Rupert Westenthaler             rupert.westenthaler@gmail.com
> >> >> | Bodenlehenstraße 11                             ++43-699-11108907
> >> >> | A-5500 Bischofshofen
> >> >>
> >>
> >>
> >>
> >> --
> >> | Rupert Westenthaler             rupert.westenthaler@gmail.com
> >> | Bodenlehenstraße 11                             ++43-699-11108907
> >> | A-5500 Bischofshofen
> >>
>
>
>
> --
> Gabriel Vince
> Senior Consultant
> Apogado
> http://www.apogado.com
>

Re: Add permission for creating temporary files to the anonymous user

Posted by Gabriel Vince <ga...@apogado.com>.

Hello Reto,

just an idea - for this critical block (reading the RDF file), can use
use a PrivilegedAction? Seems then you can do almost anything. Or I am
mistaken and you call an external module (untrusted code) there?

Best regards
                Gabriel



On Thu, Jan 10, 2013 at 11:58 AM, Reto Bachmann-Gmür <re...@wymiwyg.com> wrote:
> Hi rupert,
>
> The default permission are set in the default system graph provided by
> clerezza's platform.config. As there's just na RDF file there we couldn't
> make the permssion depend on the value of a system property. I think the
> easiesiest would be to add that permission ist stanbol's security.core.
> Question is how to add this in a way, so that if it gets manually removed
> it's not re-added when the system is started next.
>
> Cheers,
> Reto
>
> On Wed, Jan 9, 2013 at 10:53 PM, Rupert Westenthaler <
> rupert.westenthaler@gmail.com> wrote:
>
>> Hi Reto,
>>
>> actually I was looking into that earlier today, but I was not able to
>> find something specific. The only thing I was able to come up was to
>> get the directory of the temp directory from the System properties and
>> than set a normal FilePermission. Because of that I adapted the
>> TikaEngine to call the parser within an
>> "AccessController.doPrivileged(..)" block (see [1]). This solves
>> STANBOL-865 but I think it would be still a good idea to enable
>> temporary file creation for the default user.
>>
>> BTW:
>>
>> * I would be interested to know where to set such permissions. I was
>> looking at the Launchpad, where the SecurityManager is set, but after
>> looking at the code I came to the conclusion that this is the wrong
>> place to look.
>>
>> * On Monday I had a look at the logs of the dev.iks-project.eu:8081
>> server and I found a lot of SecurityExceptions. It looked like as if
>> all EnhancementEngines that connect to remote services (such as
>> dbpedia spotlight, celi, geonames, zemanta, open calais) do not work.
>> Integration-Tests are not affected by this as they run in offline mode
>> and therefore do not include tests for Engines that connect to remote
>> services. If I find some time I will try to test all those engines and
>> create the according JIRA issues.
>>
>> best
>> Rupert
>>
>> [1] http://svn.apache.org/viewvc?rev=1430813&view=rev
>>
>> On Wed, Jan 9, 2013 at 10:41 PM, Reto Bachmann-Gmür <re...@apache.org>
>> wrote:
>> > Hi Rupert
>> >
>> > Do you know what permission would have to be added? A specific permission
>> > allowing to write temporary files and to read only those wouldn't be a
>> > security risk (DOS can be implemented more efficiently by other means).
>> >
>> > Cheers,
>> > Reto
>> > On Jan 4, 2013 12:00 PM, "Rupert Westenthaler" <
>> > rupert.westenthaler@gmail.com> wrote:
>> >
>> >> Hi Reto, all
>> >>
>> >> WDYT about adding the permission to the anonymous user to create
>> >> temporary files. This would solve STANBOL-865 [1] and resolve the
>> >> security related issue the TikaEngine is encounting from time to time
>> >> (e.g. in the Jenkins build #1200).
>> >>
>> >> best
>> >> Rupert
>> >>
>> >>
>> >> [1] https://issues.apache.org/jira/browse/STANBOL-865
>> >>
>> >> --
>> >> | Rupert Westenthaler             rupert.westenthaler@gmail.com
>> >> | Bodenlehenstraße 11                             ++43-699-11108907
>> >> | A-5500 Bischofshofen
>> >>
>>
>>
>>
>> --
>> | Rupert Westenthaler             rupert.westenthaler@gmail.com
>> | Bodenlehenstraße 11                             ++43-699-11108907
>> | A-5500 Bischofshofen
>>



-- 
Gabriel Vince
Senior Consultant
Apogado
http://www.apogado.com

Re: Add permission for creating temporary files to the anonymous user

Posted by Reto Bachmann-Gmür <re...@wymiwyg.com>.

Hi rupert,

The default permission are set in the default system graph provided by
clerezza's platform.config. As there's just na RDF file there we couldn't
make the permssion depend on the value of a system property. I think the
easiesiest would be to add that permission ist stanbol's security.core.
Question is how to add this in a way, so that if it gets manually removed
it's not re-added when the system is started next.

Cheers,
Reto

On Wed, Jan 9, 2013 at 10:53 PM, Rupert Westenthaler <
rupert.westenthaler@gmail.com> wrote:

> Hi Reto,
>
> actually I was looking into that earlier today, but I was not able to
> find something specific. The only thing I was able to come up was to
> get the directory of the temp directory from the System properties and
> than set a normal FilePermission. Because of that I adapted the
> TikaEngine to call the parser within an
> "AccessController.doPrivileged(..)" block (see [1]). This solves
> STANBOL-865 but I think it would be still a good idea to enable
> temporary file creation for the default user.
>
> BTW:
>
> * I would be interested to know where to set such permissions. I was
> looking at the Launchpad, where the SecurityManager is set, but after
> looking at the code I came to the conclusion that this is the wrong
> place to look.
>
> * On Monday I had a look at the logs of the dev.iks-project.eu:8081
> server and I found a lot of SecurityExceptions. It looked like as if
> all EnhancementEngines that connect to remote services (such as
> dbpedia spotlight, celi, geonames, zemanta, open calais) do not work.
> Integration-Tests are not affected by this as they run in offline mode
> and therefore do not include tests for Engines that connect to remote
> services. If I find some time I will try to test all those engines and
> create the according JIRA issues.
>
> best
> Rupert
>
> [1] http://svn.apache.org/viewvc?rev=1430813&view=rev
>
> On Wed, Jan 9, 2013 at 10:41 PM, Reto Bachmann-Gmür <re...@apache.org>
> wrote:
> > Hi Rupert
> >
> > Do you know what permission would have to be added? A specific permission
> > allowing to write temporary files and to read only those wouldn't be a
> > security risk (DOS can be implemented more efficiently by other means).
> >
> > Cheers,
> > Reto
> > On Jan 4, 2013 12:00 PM, "Rupert Westenthaler" <
> > rupert.westenthaler@gmail.com> wrote:
> >
> >> Hi Reto, all
> >>
> >> WDYT about adding the permission to the anonymous user to create
> >> temporary files. This would solve STANBOL-865 [1] and resolve the
> >> security related issue the TikaEngine is encounting from time to time
> >> (e.g. in the Jenkins build #1200).
> >>
> >> best
> >> Rupert
> >>
> >>
> >> [1] https://issues.apache.org/jira/browse/STANBOL-865
> >>
> >> --
> >> | Rupert Westenthaler             rupert.westenthaler@gmail.com
> >> | Bodenlehenstraße 11                             ++43-699-11108907
> >> | A-5500 Bischofshofen
> >>
>
>
>
> --
> | Rupert Westenthaler             rupert.westenthaler@gmail.com
> | Bodenlehenstraße 11                             ++43-699-11108907
> | A-5500 Bischofshofen
>

Re: Add permission for creating temporary files to the anonymous user

Posted by Rupert Westenthaler <ru...@gmail.com>.

Hi Reto,

actually I was looking into that earlier today, but I was not able to
find something specific. The only thing I was able to come up was to
get the directory of the temp directory from the System properties and
than set a normal FilePermission. Because of that I adapted the
TikaEngine to call the parser within an
"AccessController.doPrivileged(..)" block (see [1]). This solves
STANBOL-865 but I think it would be still a good idea to enable
temporary file creation for the default user.

BTW:

* I would be interested to know where to set such permissions. I was
looking at the Launchpad, where the SecurityManager is set, but after
looking at the code I came to the conclusion that this is the wrong
place to look.

* On Monday I had a look at the logs of the dev.iks-project.eu:8081
server and I found a lot of SecurityExceptions. It looked like as if
all EnhancementEngines that connect to remote services (such as
dbpedia spotlight, celi, geonames, zemanta, open calais) do not work.
Integration-Tests are not affected by this as they run in offline mode
and therefore do not include tests for Engines that connect to remote
services. If I find some time I will try to test all those engines and
create the according JIRA issues.

best
Rupert

[1] http://svn.apache.org/viewvc?rev=1430813&view=rev

On Wed, Jan 9, 2013 at 10:41 PM, Reto Bachmann-Gmür <re...@apache.org> wrote:
> Hi Rupert
>
> Do you know what permission would have to be added? A specific permission
> allowing to write temporary files and to read only those wouldn't be a
> security risk (DOS can be implemented more efficiently by other means).
>
> Cheers,
> Reto
> On Jan 4, 2013 12:00 PM, "Rupert Westenthaler" <
> rupert.westenthaler@gmail.com> wrote:
>
>> Hi Reto, all
>>
>> WDYT about adding the permission to the anonymous user to create
>> temporary files. This would solve STANBOL-865 [1] and resolve the
>> security related issue the TikaEngine is encounting from time to time
>> (e.g. in the Jenkins build #1200).
>>
>> best
>> Rupert
>>
>>
>> [1] https://issues.apache.org/jira/browse/STANBOL-865
>>
>> --
>> | Rupert Westenthaler             rupert.westenthaler@gmail.com
>> | Bodenlehenstraße 11                             ++43-699-11108907
>> | A-5500 Bischofshofen
>>

-- 
| Rupert Westenthaler             rupert.westenthaler@gmail.com
| Bodenlehenstraße 11                             ++43-699-11108907
| A-5500 Bischofshofen

Re: Add permission for creating temporary files to the anonymous user

Posted by Reto Bachmann-Gmür <re...@apache.org>.

Hi Rupert

Do you know what permission would have to be added? A specific permission
allowing to write temporary files and to read only those wouldn't be a
security risk (DOS can be implemented more efficiently by other means).

Cheers,
Reto
On Jan 4, 2013 12:00 PM, "Rupert Westenthaler" <
rupert.westenthaler@gmail.com> wrote:

> Hi Reto, all
>
> WDYT about adding the permission to the anonymous user to create
> temporary files. This would solve STANBOL-865 [1] and resolve the
> security related issue the TikaEngine is encounting from time to time
> (e.g. in the Jenkins build #1200).
>
> best
> Rupert
>
>
> [1] https://issues.apache.org/jira/browse/STANBOL-865
>
> --
> | Rupert Westenthaler             rupert.westenthaler@gmail.com
> | Bodenlehenstraße 11                             ++43-699-11108907
> | A-5500 Bischofshofen
>