You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by br...@apache.org on 2020/02/12 19:34:37 UTC
[cassandra] branch trunk updated: thread aware sec manager fix for
jar based loaders
This is an automated email from the ASF dual-hosted git repository.
brandonwilliams pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/cassandra.git
The following commit(s) were added to refs/heads/trunk by this push:
new c76a3a9 thread aware sec manager fix for jar based loaders
c76a3a9 is described below
commit c76a3a940dc46e6f09d26b2f6d6b24020157fc0d
Author: gus <gu...@needhamsoftware.com>
AuthorDate: Thu Feb 6 11:09:18 2020 -0500
thread aware sec manager fix for jar based loaders
Patch by Gus Heck, reviewed by brandonwilliams for CASSANDRA-15494
---
CHANGES.txt | 1 +
.../apache/cassandra/security/ThreadAwareSecurityManager.java | 10 ++++++++--
2 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/CHANGES.txt b/CHANGES.txt
index 6235046..82e69e0 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,4 +1,5 @@
4.0-alpha4
+ * allow embedded cassandra launched from a one-jar or uno-jar (CASSANDRA-15494)
* Update hppc library to version 0.8.1 (CASSANDRA-12995)
* Limit the dependencies used by UDFs/UDAs (CASSANDRA-14737)
* Make native_transport_max_concurrent_requests_in_bytes updatable (CASSANDRA-15519)
diff --git a/src/java/org/apache/cassandra/security/ThreadAwareSecurityManager.java b/src/java/org/apache/cassandra/security/ThreadAwareSecurityManager.java
index 6500c8f..86c8b5b 100644
--- a/src/java/org/apache/cassandra/security/ThreadAwareSecurityManager.java
+++ b/src/java/org/apache/cassandra/security/ThreadAwareSecurityManager.java
@@ -110,7 +110,11 @@ public final class ThreadAwareSecurityManager extends SecurityManager
switch (codesource.getLocation().getProtocol())
{
- case "file":
+ case "jar": // One-JAR or Uno-Jar source
+ if (!codesource.getLocation().getPath().startsWith("file:")) {
+ return perms;
+ } // else fall through and add AllPermission()
+ case "file": // Standard file system source
// All JARs and class files reside on the file system - we can safely
// assume that these classes are "good".
perms.add(new AllPermission());
@@ -133,7 +137,9 @@ public final class ThreadAwareSecurityManager extends SecurityManager
switch (codesource.getLocation().getProtocol())
{
- case "file":
+ case "jar": // One-JAR or Uno-Jar source
+ return codesource.getLocation().getPath().startsWith("file:");
+ case "file": // Standard file system source
// All JARs and class files reside on the file system - we can safely
// assume that these classes are "good".
return true;
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org