You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@lucene.apache.org by "Ignacio Vera (Jira)" <ji...@apache.org> on 2020/09/09 10:07:00 UTC
[jira] [Created] (LUCENE-9517) BugfixDeflater_JDK8252739 causes
Java security issues in JDk11
Ignacio Vera created LUCENE-9517:
------------------------------------
Summary: BugfixDeflater_JDK8252739 causes Java security issues in JDk11
Key: LUCENE-9517
URL: https://issues.apache.org/jira/browse/LUCENE-9517
Project: Lucene - Core
Issue Type: Bug
Reporter: Ignacio Vera
We are running into issues when running Elasticsearch CI with java security turned on and using JDK11 (only for the ones that contains the jdk bug ). The errors look like:
{{}}
{{}}
{code:java}
java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessDeclaredMembers") {code}
{{}}
The issue seems to be here:
[http://hg.openjdk.java.net/jdk/jdk11/file/1ddf9a99e4ad/src/java.base/share/classes/java/util/zip/Deflater.java#l989]
As we now have a subclass that wants to run this code. Note that this code has been removed in JDK12 and above.
We might need to wrap the creation of this object in a doPriviledged Block or find a different solution that does not need to subclass the Deflater class.
cc: [~uschindler]
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@lucene.apache.org
For additional commands, e-mail: issues-help@lucene.apache.org