tflobbe commented on code in PR #2172:
URL: https://github.com/apache/solr/pull/2172#discussion_r1440641745
##########
solr/server/etc/security.policy:
##########
@@ -219,6 +219,9 @@ grant {
permission java.io.FilePermission "${solr.allowPaths}",
"read,write,delete,readlink";
permission java.io.FilePermission "${solr.allowPaths}${/}-",
"read,write,delete,readlink";
+ permission java.io.FilePermission "${solr.sharedLib}", "read,readlink";
Review Comment:
True, it would fail with multiple paths (Note that the `allowPaths` just
above is the same though). Another thing I don't really like is that these
system properties are just "defaults", since the values are really just to
populate `solr.xml`.
May be good enough though? Maybe the solution is to make it easy/documented
how/when to update the policy for advanced usecases. Last I checked it wasn't
easy to use a different policy (or amend one).
On the other hand, I don't know how much effort does the security manager
configuration deserves, given it's deprecated.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
