Index: lucene/test-framework/src/java/org/apache/lucene/util/AllButPermission.java
===================================================================
--- lucene/test-framework/src/java/org/apache/lucene/util/AllButPermission.java (revision 0)
+++ lucene/test-framework/src/java/org/apache/lucene/util/AllButPermission.java (working copy)
@@ -0,0 +1,155 @@
+package org.apache.lucene.util;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import java.security.AllPermission;
+import java.security.Permission;
+import java.security.PermissionCollection;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Enumeration;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+import java.util.StringTokenizer;
+
+/** A {@link Permission} that grants everything, except some explicitly given specific permissions.
+ * It can be used to exclude e.g. file permissions from granted fully, they must then be added
+ * to the policy file to grant actions.
+ * @see java.security.AllPermission
+ */
+public final class AllButPermission extends Permission {
+
+ // needed for SecurityManager and so on, must be serializable!
+ private static final long serialVersionUID = 869110878572850403L;
+
+ private static final Permission ALL_PERMISSION = new AllPermission();
+
+ private final Set> excluded;
+
+ /**
+ * Creates a new {@code AllButPermission} object.
+ * @param excluded comma-separated list of {@link Permission} class names that
+ * should not be granted. All others are fully granted.
+ */
+ public AllButPermission(Set> excluded) {
+ super(getName(excluded));
+ this.excluded = excluded;
+ }
+
+ private static String getName(Set> excluded) {
+ String s = excluded.toString();
+ return s.substring(1, s.length()-1);
+ }
+
+ /**
+ * Creates a new {@code AllButPermission} object.
+ * @param excludedString comma-separated list of {@link Permission} class names that
+ * should not be granted. All others are fully granted.
+ */
+ public AllButPermission(String excludedString) {
+ super(excludedString);
+ excluded = new HashSet>();
+ final StringTokenizer tokenizer = new StringTokenizer(excludedString, ",");
+ while (tokenizer.hasMoreTokens()) {
+ final String className = tokenizer.nextToken();
+ try {
+ excluded.add(Class.forName(className).asSubclass(Permission.class));
+ } catch (Exception e) {
+ throw new IllegalArgumentException("The following class is not a valid java.security.Permission: " + className, e);
+ }
+ }
+ }
+
+ /**
+ * Creates a new {@code AllButPermission} object. This
+ * constructor is used by the Policy object
+ * to instantiate new Permission objects.
+ * @param excludedString comma-separated list of {@link Permission} class names that
+ * should not be granted. All others are fully granted.
+ * @param actions is ignored
+ */
+ public AllButPermission(String excludedString, String actions) {
+ this(excludedString);
+ }
+
+ @Override
+ public boolean implies(Permission permission) {
+ final Class permissionClass = permission.getClass();
+ // first try fast path:
+ if (excluded.contains(permissionClass)) {
+ return false;
+ } else {
+ // slow path (also finds subclasses):
+ for (final Class p : excluded) {
+ if (p.isAssignableFrom(permissionClass)) {
+ return false;
+ }
+ }
+ return true;
+ }
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ return obj instanceof AllButPermission;
+ }
+
+ @Override
+ public int hashCode() {
+ return getClass().hashCode();
+ }
+
+ @Override
+ public String getActions() {
+ return ALL_PERMISSION.getActions();
+ }
+
+ @Override
+ public PermissionCollection newPermissionCollection() {
+ return new PermissionCollection() {
+ private static final long serialVersionUID = 3498209616787870079L;
+
+ private final List permissions = new ArrayList();
+
+ @Override
+ public void add(Permission permission) {
+ if (isReadOnly()) {
+ throw new UnsupportedOperationException("read-only PermissionCollection");
+ }
+ permissions.add(permission);
+ }
+
+ @Override
+ public boolean implies(Permission toTest) {
+ for (Permission permission : permissions) {
+ if (permission.implies(toTest)) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ @Override
+ public Enumeration elements() {
+ return Collections.enumeration(permissions);
+ }
+ };
+ }
+
+}
Index: lucene/test-framework/src/java/org/apache/lucene/util/AllButPermission.java
===================================================================
--- lucene/test-framework/src/java/org/apache/lucene/util/AllButPermission.java (revision 0)
+++ lucene/test-framework/src/java/org/apache/lucene/util/AllButPermission.java (working copy)
Property changes on: lucene/test-framework/src/java/org/apache/lucene/util/AllButPermission.java
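Review bot: `equals` returns true for any two `AllButPermission` instances and `hashCode` is the class hash, so two grants with different exclusion lists compare equal; a set- or map-based container of permissions can then keep whichever instance it saw first, including the less restrictive one. Compare the exclusion sets instead: `return obj instanceof AllButPermission && excluded.equals(((AllButPermission) obj).excluded);` and `return excluded.hashCode();`. The `Set` constructor also stores the caller's set without copying, so the exclusions (and, with the change above, the hash) can change after construction; copy it into an unmodifiable set there.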
___________________________________________________________________ Added: svn:keywords ## -0,0 +1 ## +Date Author Id Revision HeadURL \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Index: lucene/tools/junit4/tests.policy =================================================================== --- lucene/tools/junit4/tests.policy (revision 1379224) +++ lucene/tools/junit4/tests.policy (working copy) @@ -20,11 +20,11 @@ // This policy also disallows stuff like listening on network ports of interfaces // different than 127.0.0.1. -// PLEASE NOTE: You may need to enable other permissions when new tests are added, -// everything not allowed here is forbidden! - grant { // permissions for file access, write access only to sandbox: + permission org.apache.lucene.util.AllButPermission "java.io.FilePermission,java.net.SocketPermission,java.security.SecurityPermission"; + + // restrict file access and network access permission java.io.FilePermission "<>", "read,execute"; permission java.io.FilePermission "${tests.sandbox.dir}${/}-", "read,execute,write,delete"; permission java.io.FilePermission "${clover.db.dir}${/}-", "read,execute,write,delete"; 
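Review bot: The `AllButPermission` grant turns this policy into a denylist: every `Permission` class other than `FilePermission`, `SocketPermission` and `SecurityPermission` is now granted in full, including types the previous explicit list never covered (for example `java.io.SerializablePermission` or `javax.security.auth.AuthPermission`) and any type a later JDK or dependency introduces. The deleted `PLEASE NOTE` comment was the only place that stated the policy's default, and the surviving comment `// permissions for file access, write access only to sandbox:` now heads the `AllButPermission` line, which is not a file grant. I would put a replacement directly above the new grant, `// Grants every permission type except the classes listed; only file, socket and security permissions are checked against the entries below.`, and move the file-access comment down to the `FilePermission` lines. Since `RuntimePermission` stays granted in full, that comment should also say the sandbox catches accidental file and network access by tests rather than containing untrusted code.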
@@ -41,19 +41,6 @@ // Allow connecting to the internet anywhere permission java.net.SocketPermission "*", "connect,resolve"; - // Basic permissions needed for Lucene to work: - permission java.util.PropertyPermission "*", "read,write"; - permission java.lang.reflect.ReflectPermission "*"; - permission java.lang.RuntimePermission "*"; - - // Solr needs those: - permission java.net.NetPermission "*"; - permission java.util.logging.LoggingPermission "control"; - permission java.lang.management.ManagementPermission "monitor"; - permission javax.management.MBeanPermission "*", "*"; - permission javax.management.MBeanServerPermission "*"; - permission javax.management.MBeanTrustPermission "*"; - // TIKA uses BouncyCastle and that registers new provider for PDF parsing + MSOffice parsing. Maybe report as bug! permission java.security.SecurityPermission "putProviderProperty.BC"; permission java.security.SecurityPermission "insertProvider.BC";