[
https://issues.apache.org/jira/browse/LUCENE-5650?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ryan Ernst resolved LUCENE-5650.
--------------------------------
Resolution: Fixed
Fix Version/s: (was: 4.9)
4.11
> Enforce read-only access to any path outside the temporary folder via
> security manager
> --------------------------------------------------------------------------------------
>
> Key: LUCENE-5650
> URL: https://issues.apache.org/jira/browse/LUCENE-5650
> Project: Lucene - Core
> Issue Type: Improvement
> Components: general/test
> Reporter: Ryan Ernst
> Assignee: Dawid Weiss
> Priority: Minor
> Fix For: 5.0, 4.11
>
> Attachments: LUCENE-5650.patch, LUCENE-5650.patch, LUCENE-5650.patch,
> LUCENE-5650.patch, dih.patch
>
>
> The recent refactoring to all the create temp file/dir functions (which is
> great!) has a minor regression from what existed before. With the old
> {{LuceneTestCase.TEMP_DIR}}, the directory was created if it did not exist.
> So, if you set {{java.io.tmpdir}} to {{"./temp"}}, then it would create that
> dir within the per jvm working dir. However, {{getBaseTempDirForClass()}}
> now does asserts that check the dir exists, is a dir, and is writeable.
> Lucene uses {{"."}} as {{java.io.tmpdir}}. Then in the test security
> manager, the per jvm cwd has read/write/execute permissions. However, this
> allows tests to write to their cwd, which I'm trying to protect against (by
> setting cwd to read/execute in my test security manager).
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
