lucene-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steve Rowe (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (LUCENE-5650) Enforce read-only access to any path outside the temporary folder via security manager
Date Tue, 03 Jun 2014 18:49:04 GMT

    [ https://issues.apache.org/jira/browse/LUCENE-5650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14016976#comment-14016976
] 

Steve Rowe edited comment on LUCENE-5650 at 6/3/14 6:47 PM:
------------------------------------------------------------

I'm seeing what look like security manager-related exceptions on trunk with {{o.a.s.search.TestRecoveryHdfs}}
on OS X 10.9.3 w/Oracle Java 1.7.0_55 - here's the first exception (9 out of 9 non-ignored
tests fail):

{noformat}
   [junit4] <JUnit4> says 你好! Master seed: 37AA21AA8F6886DF
   [junit4] Executing 1 suite with 1 JVM.
   [junit4] 
   [junit4] Started J0 PID(36452@smb.local).
   [junit4] Suite: org.apache.solr.search.TestRecoveryHdfs
[...]
   [junit4]   2> 7871 T118 oasc.CoreContainer.recordAndThrow ERROR Unable to create core:
collection1 org.apache.solr.common.SolrException: Problem creating directory: solr_hdfs_home/collection1/Users/sarowe/svn/lucene/dev/trunk4/solr/build/solr-core/test/J0/temp/solr.search.TestRecoveryHdfs-37AA21AA8F6886DF-001/init-core-data-001
   [junit4]   2> 	at org.apache.solr.core.SolrCore.<init>(SolrCore.java:885)
   [junit4]   2> 	at org.apache.solr.core.SolrCore.<init>(SolrCore.java:649)
   [junit4]   2> 	at org.apache.solr.core.CoreContainer.create(CoreContainer.java:556)
   [junit4]   2> 	at org.apache.solr.core.CoreContainer$1.call(CoreContainer.java:261)
   [junit4]   2> 	at org.apache.solr.core.CoreContainer$1.call(CoreContainer.java:253)
   [junit4]   2> 	at java.util.concurrent.FutureTask.run(FutureTask.java:262)
   [junit4]   2> 	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
   [junit4]   2> 	at java.util.concurrent.FutureTask.run(FutureTask.java:262)
   [junit4]   2> 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
   [junit4]   2> 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
   [junit4]   2> 	at java.lang.Thread.run(Thread.java:745)
   [junit4]   2> Caused by: java.lang.RuntimeException: Problem creating directory: solr_hdfs_home/collection1/Users/sarowe/svn/lucene/dev/trunk4/solr/build/solr-core/test/J0/temp/solr.search.TestRecoveryHdfs-37AA21AA8F6886DF-001/init-core-data-001
   [junit4]   2> 	at org.apache.solr.store.hdfs.HdfsDirectory.<init>(HdfsDirectory.java:87)
   [junit4]   2> 	at org.apache.solr.core.HdfsDirectoryFactory.create(HdfsDirectoryFactory.java:148)
   [junit4]   2> 	at org.apache.solr.core.CachingDirectoryFactory.get(CachingDirectoryFactory.java:351)
   [junit4]   2> 	at org.apache.solr.core.SolrCore.getNewIndexDir(SolrCore.java:273)
   [junit4]   2> 	at org.apache.solr.core.SolrCore.initIndex(SolrCore.java:485)
   [junit4]   2> 	at org.apache.solr.core.SolrCore.<init>(SolrCore.java:791)
   [junit4]   2> 	... 10 more
   [junit4]   2> Caused by: java.security.AccessControlException: access denied ("java.io.FilePermission"
"/Users/sarowe/svn/lucene/dev/trunk4/solr/build/solr-core/test/J0" "write")
   [junit4]   2> 	at java.security.AccessControlContext.checkPermission(AccessControlContext.java:372)
   [junit4]   2> 	at java.security.AccessController.checkPermission(AccessController.java:559)
   [junit4]   2> 	at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
   [junit4]   2> 	at java.lang.SecurityManager.checkWrite(SecurityManager.java:979)
   [junit4]   2> 	at java.io.File.mkdir(File.java:1305)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.ChecksumFileSystem.mkdirs(ChecksumFileSystem.java:584)
   [junit4]   2> 	at org.apache.solr.store.hdfs.HdfsDirectory.<init>(HdfsDirectory.java:63)
   [junit4]   2> 	... 15 more
   [junit4]
[...] 
   [junit4] Tests with failures:
   [junit4]   - org.apache.solr.search.TestRecoveryHdfs.testLogReplay
   [junit4]   - org.apache.solr.search.TestRecoveryHdfs.testRemoveOldLogs
   [junit4]   - org.apache.solr.search.TestRecoveryHdfs.testBufferingFlags
   [junit4]   - org.apache.solr.search.TestRecoveryHdfs.testCleanShutdown
   [junit4]   - org.apache.solr.search.TestRecoveryHdfs.testCorruptLog
   [junit4]   - org.apache.solr.search.TestRecoveryHdfs.testVersionsOnRestart
   [junit4]   - org.apache.solr.search.TestRecoveryHdfs.testRecoveryMultipleLogs
   [junit4]   - org.apache.solr.search.TestRecoveryHdfs.testTruncatedLog
   [junit4]   - org.apache.solr.search.TestRecoveryHdfs.testBuffering
{noformat}


was (Author: steve_rowe):
I'm seeing what look like security manager-related exceptions on trunk with {{o.a.s.search.TestRecoveryHdfs}}
on OS X 10.9.3 w/Oracle Java 1.7.0_55 - here's the first exception (9 out of 9 non-ignored
tests fail):

{quote}
   [junit4] <JUnit4> says 你好! Master seed: 37AA21AA8F6886DF
   [junit4] Executing 1 suite with 1 JVM.
   [junit4] 
   [junit4] Started J0 PID(36452@smb.local).
   [junit4] Suite: org.apache.solr.search.TestRecoveryHdfs
[...]
   [junit4]   2> 7871 T118 oasc.CoreContainer.recordAndThrow ERROR Unable to create core:
collection1 org.apache.solr.common.SolrException: Problem creating directory: solr_hdfs_home/collection1/Users/sarowe/svn/lucene/dev/trunk4/solr/build/solr-core/test/J0/temp/solr.search.TestRecoveryHdfs-37AA21AA8F6886DF-001/init-core-data-001
   [junit4]   2> 	at org.apache.solr.core.SolrCore.<init>(SolrCore.java:885)
   [junit4]   2> 	at org.apache.solr.core.SolrCore.<init>(SolrCore.java:649)
   [junit4]   2> 	at org.apache.solr.core.CoreContainer.create(CoreContainer.java:556)
   [junit4]   2> 	at org.apache.solr.core.CoreContainer$1.call(CoreContainer.java:261)
   [junit4]   2> 	at org.apache.solr.core.CoreContainer$1.call(CoreContainer.java:253)
   [junit4]   2> 	at java.util.concurrent.FutureTask.run(FutureTask.java:262)
   [junit4]   2> 	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
   [junit4]   2> 	at java.util.concurrent.FutureTask.run(FutureTask.java:262)
   [junit4]   2> 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
   [junit4]   2> 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
   [junit4]   2> 	at java.lang.Thread.run(Thread.java:745)
   [junit4]   2> Caused by: java.lang.RuntimeException: Problem creating directory: solr_hdfs_home/collection1/Users/sarowe/svn/lucene/dev/trunk4/solr/build/solr-core/test/J0/temp/solr.search.TestRecoveryHdfs-37AA21AA8F6886DF-001/init-core-data-001
   [junit4]   2> 	at org.apache.solr.store.hdfs.HdfsDirectory.<init>(HdfsDirectory.java:87)
   [junit4]   2> 	at org.apache.solr.core.HdfsDirectoryFactory.create(HdfsDirectoryFactory.java:148)
   [junit4]   2> 	at org.apache.solr.core.CachingDirectoryFactory.get(CachingDirectoryFactory.java:351)
   [junit4]   2> 	at org.apache.solr.core.SolrCore.getNewIndexDir(SolrCore.java:273)
   [junit4]   2> 	at org.apache.solr.core.SolrCore.initIndex(SolrCore.java:485)
   [junit4]   2> 	at org.apache.solr.core.SolrCore.<init>(SolrCore.java:791)
   [junit4]   2> 	... 10 more
   [junit4]   2> Caused by: java.security.AccessControlException: access denied ("java.io.FilePermission"
"/Users/sarowe/svn/lucene/dev/trunk4/solr/build/solr-core/test/J0" "write")
   [junit4]   2> 	at java.security.AccessControlContext.checkPermission(AccessControlContext.java:372)
   [junit4]   2> 	at java.security.AccessController.checkPermission(AccessController.java:559)
   [junit4]   2> 	at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
   [junit4]   2> 	at java.lang.SecurityManager.checkWrite(SecurityManager.java:979)
   [junit4]   2> 	at java.io.File.mkdir(File.java:1305)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
   [junit4]   2> 	at org.apache.hadoop.fs.ChecksumFileSystem.mkdirs(ChecksumFileSystem.java:584)
   [junit4]   2> 	at org.apache.solr.store.hdfs.HdfsDirectory.<init>(HdfsDirectory.java:63)
   [junit4]   2> 	... 15 more
   [junit4]
[...] 
   [junit4] Tests with failures:
   [junit4]   - org.apache.solr.search.TestRecoveryHdfs.testLogReplay
   [junit4]   - org.apache.solr.search.TestRecoveryHdfs.testRemoveOldLogs
   [junit4]   - org.apache.solr.search.TestRecoveryHdfs.testBufferingFlags
   [junit4]   - org.apache.solr.search.TestRecoveryHdfs.testCleanShutdown
   [junit4]   - org.apache.solr.search.TestRecoveryHdfs.testCorruptLog
   [junit4]   - org.apache.solr.search.TestRecoveryHdfs.testVersionsOnRestart
   [junit4]   - org.apache.solr.search.TestRecoveryHdfs.testRecoveryMultipleLogs
   [junit4]   - org.apache.solr.search.TestRecoveryHdfs.testTruncatedLog
   [junit4]   - org.apache.solr.search.TestRecoveryHdfs.testBuffering
{noformat}

> Enforce read-only access to any path outside the temporary folder via security manager
> --------------------------------------------------------------------------------------
>
>                 Key: LUCENE-5650
>                 URL: https://issues.apache.org/jira/browse/LUCENE-5650
>             Project: Lucene - Core
>          Issue Type: Improvement
>          Components: general/test
>            Reporter: Ryan Ernst
>            Assignee: Dawid Weiss
>            Priority: Minor
>             Fix For: 4.9, 5.0
>
>         Attachments: LUCENE-5650.patch, LUCENE-5650.patch, LUCENE-5650.patch, LUCENE-5650.patch,
dih.patch
>
>
> The recent refactoring to all the create temp file/dir functions (which is great!) has
a minor regression from what existed before.  With the old {{LuceneTestCase.TEMP_DIR}}, the
directory was created if it did not exist.  So, if you set {{java.io.tmpdir}} to {{"./temp"}},
then it would create that dir within the per jvm working dir.  However, {{getBaseTempDirForClass()}}
now does asserts that check the dir exists, is a dir, and is writeable.
> Lucene uses {{"."}} as {{java.io.tmpdir}}.  Then in the test security manager, the per
jvm cwd has read/write/execute permissions.  However, this allows tests to write to their
cwd, which I'm trying to protect against (by setting cwd to read/execute in my test security
manager).



--
This message was sent by Atlassian JIRA
(v6.2#6252)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org


Mime
View raw message