[
https://issues.apache.org/jira/browse/SOLR-13986?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16985468#comment-16985468
]
Robert Muir commented on SOLR-13986:
------------------------------------
I implemented patch with my workaround from before.
Note that 2 tests still fail: HdfsThreadLeakTest, TestHdfsCloudBackupRestore
The problem is hadoop test code
(MiniDFSCluster.createPermissionsDiagnosisString):
https://github.com/apache/hadoop/blob/7a3188d054481b9bd563e337901e93476303ce7f/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileUtil.java#L1260
It calls File.canExecute, but doesn't handle SecurityException. This is clearly
documented in the java.io.File api:
https://docs.oracle.com/javase/7/docs/api/java/io/File.html#canExecute()
I think I can hack around it but someone should really do something about this
hadoop code.
> remove "execute" permission from solr-tests.policy
> --------------------------------------------------
>
> Key: SOLR-13986
> URL: https://issues.apache.org/jira/browse/SOLR-13986
> Project: Solr
> Issue Type: Improvement
> Security Level: Public(Default Security Level. Issues are Public)
> Reporter: Robert Muir
> Priority: Major
> Attachments: SOLR-13986-notyet.patch, SOLR-13986.patch
>
>
> If we don't really need to execute processes, we can take the permission
> away. That way any attempt to execute something results in a
> SecurityException rather than running a process.
> It is necessary to first fix the tests policy before thinking about
> supporting securitymanager in solr. This way we can ensure functionality does
> not break via our tests.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org
