From issues-return-5758-archive-asf-public=cust-asf.ponee.io@lucene.apache.org  Sun Dec  1 03:02:03 2019
Return-Path: <issues-return-5758-archive-asf-public=cust-asf.ponee.io@lucene.apache.org>
X-Original-To: archive-asf-public@cust-asf.ponee.io
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [207.244.88.153])
	by mx-eu-01.ponee.io (Postfix) with SMTP id B7885180638
	for <archive-asf-public@cust-asf.ponee.io>; Sun,  1 Dec 2019 04:02:02 +0100 (CET)
Received: (qmail 15795 invoked by uid 500); 1 Dec 2019 03:02:01 -0000
Mailing-List: contact issues-help@lucene.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:issues-help@lucene.apache.org>
List-Unsubscribe: <mailto:issues-unsubscribe@lucene.apache.org>
List-Post: <mailto:issues@lucene.apache.org>
List-Id: <issues.lucene.apache.org>
Reply-To: dev@lucene.apache.org
Delivered-To: mailing list issues@lucene.apache.org
Received: (qmail 15786 invoked by uid 99); 1 Dec 2019 03:02:01 -0000
Received: from mailrelay1-us-west.apache.org (HELO mailrelay1-us-west.apache.org) (209.188.14.139)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 01 Dec 2019 03:02:01 +0000
Received: from jira-he-de.apache.org (static.172.67.40.188.clients.your-server.de [188.40.67.172])
	by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id CCBB7E00FF
	for <issues@lucene.apache.org>; Sun,  1 Dec 2019 03:02:00 +0000 (UTC)
Received: from jira-he-de.apache.org (localhost.localdomain [127.0.0.1])
	by jira-he-de.apache.org (ASF Mail Server at jira-he-de.apache.org) with ESMTP id 1BBDB78010B
	for <issues@lucene.apache.org>; Sun,  1 Dec 2019 03:02:00 +0000 (UTC)
Date: Sun, 1 Dec 2019 03:02:00 +0000 (UTC)
From: "Robert Muir (Jira)" <jira@apache.org>
To: issues@lucene.apache.org
Message-ID: <JIRA.13271519.1575140106000.237489.1575169320064@Atlassian.JIRA>
In-Reply-To: <JIRA.13271519.1575140106000@Atlassian.JIRA>
References: <JIRA.13271519.1575140106000@Atlassian.JIRA> <JIRA.13271519.1575140106884@jira-he-de>
Subject: [jira] [Updated] (SOLR-13986) remove "execute" permission from
 solr-tests.policy
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


     [ https://issues.apache.org/jira/browse/SOLR-13986?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Robert Muir updated SOLR-13986:
-------------------------------
    Attachment: SOLR-13986.patch
        Status: Open  (was: Open)

I added a hack for their equally broken "canWrite" method because i'm here already. but really this hadoop code should get fixed.

> remove "execute" permission from solr-tests.policy
> --------------------------------------------------
>
>                 Key: SOLR-13986
>                 URL: https://issues.apache.org/jira/browse/SOLR-13986
>             Project: Solr
>          Issue Type: Improvement
>      Security Level: Public(Default Security Level. Issues are Public) 
>            Reporter: Robert Muir
>            Priority: Major
>         Attachments: SOLR-13986-notyet.patch, SOLR-13986.patch, SOLR-13986.patch
>
>
> If we don't really need to execute processes, we can take the permission away. That way any attempt to execute something results in a SecurityException rather than running a process.
> It is necessary to first fix the tests policy before thinking about supporting securitymanager in solr. This way we can ensure functionality does not break via our tests.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@lucene.apache.org
For additional commands, e-mail: issues-help@lucene.apache.org