You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lucene.apache.org by "Trejkaz (JIRA)" <ji...@apache.org> on 2016/05/10 17:23:12 UTC
[jira] [Commented] (LUCENE-7135) Constants check for JRE bitness
causes SecurityException under WebStart
[ https://issues.apache.org/jira/browse/LUCENE-7135?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15278502#comment-15278502 ]
Trejkaz commented on LUCENE-7135:
---------------------------------
I see this when running our unit tests also. Evidently somewhere up the call chain there is some code we don't trust calling us. We then call Lucene, which ultimately calls this stuff.
(We're bitten by LUCENE-6923 as well, because we are still on 5.4.)
> Constants check for JRE bitness causes SecurityException under WebStart
> -----------------------------------------------------------------------
>
> Key: LUCENE-7135
> URL: https://issues.apache.org/jira/browse/LUCENE-7135
> Project: Lucene - Core
> Issue Type: Bug
> Components: core/other
> Affects Versions: 5.5
> Environment: OS X 10.11.4, Java 1.8.0_77-b03 (under WebStart)
> Reporter: Aaron Madlon-Kay
> Attachments: LUCENE-7135.diff
>
>
> I have an app that I deploy via WebStart that uses Lucene 5.2.1 (we are locked to 5.2.1 because that's what [LanguageTool|https://languagetool.org/] uses).
> When running under the WebStart security manager, there are two locations where exceptions are thrown and prevent pretty much all Lucene classes from initializing. This is true even when we sign everything and specify {{<security><all-permissions/></security>}}.
> # In {{RamUsageEstimator}}, fixed by LUCENE-6923
> # In {{Constants}}, caused by the call {{System.getProperty("sun.arch.data.model")}} (stack trace below).
> {code}
> Error: Caused by: java.security.AccessControlException: access denied ("java.util.PropertyPermission" "sun.arch.data.model" "read")
> Error: at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
> Error: at java.security.AccessController.checkPermission(AccessController.java:884)
> Error: at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
> Error: at com.sun.javaws.security.JavaWebStartSecurity.checkPermission(Unknown Source)
> Error: at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1294)
> Error: at java.lang.System.getProperty(System.java:717)
> Error: at org.apache.lucene.util.Constants.<clinit>(Constants.java:71)
> Error: ... 34 more
> {code}
> The latter is still present in the latest version. My patch illustrates one solution that appears to be working for us.
> (This patch, together with a backport of the fix to LUCENE-6923, seems to fix the issue for our purposes. However if you really wanted to make my day you could put out a maintenance release of 5.2 with both fixes included.)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org