
Example 1 with FilePermission

use of java.io.FilePermission in project elasticsearch by elastic.

the class EvilSecurityTests method testEnvironmentPaths.

/** test generated permissions for all configured paths */
// needs to check settings for deprecated path
@SuppressWarnings("deprecation")
public void testEnvironmentPaths() throws Exception {
    // The two action sets the generated policy is expected to use.
    final String readOnly = "read,readlink";
    final String readWrite = "read,readlink,write,delete";

    // Lay out a fake ES home below a fresh temp dir; only its configured
    // children may end up with permissions, never the home root itself.
    Path tempRoot = createTempDir();
    Path esHome = tempRoot.resolve("esHome");
    Settings.Builder builder = Settings.builder();
    builder.put(Environment.PATH_HOME_SETTING.getKey(), esHome.resolve("home").toString());
    builder.put(Environment.PATH_CONF_SETTING.getKey(), esHome.resolve("conf").toString());
    builder.put(Environment.PATH_SCRIPTS_SETTING.getKey(), esHome.resolve("scripts").toString());
    builder.putArray(
        Environment.PATH_DATA_SETTING.getKey(),
        esHome.resolve("data1").toString(),
        esHome.resolve("data2").toString());
    builder.put(Environment.PATH_SHARED_DATA_SETTING.getKey(), esHome.resolve("custom").toString());
    builder.put(Environment.PATH_LOGS_SETTING.getKey(), esHome.resolve("logs").toString());
    builder.put(Environment.PIDFILE_SETTING.getKey(), esHome.resolve("test.pid").toString());
    Settings settings = builder.build();

    // Swap java.io.tmpdir for a throwaway directory only while the policy is
    // generated, and always restore the real value afterwards.
    Path fakeTmpDir = createTempDir();
    String realTmpDir = System.getProperty("java.io.tmpdir");
    Permissions granted;
    Environment env;
    try {
        System.setProperty("java.io.tmpdir", fakeTmpDir.toString());
        env = new Environment(settings);
        granted = Security.createPermissions(env);
    } finally {
        System.setProperty("java.io.tmpdir", realTmpDir);
    }

    // Negative checks first: none of these locations was configured, so the
    // policy must not cover them.
    Path[] mustStayUngranted = {
        esHome,                               // the fake es home
        esHome.getParent(),                   // its parent
        esHome.getParent().resolve("other"),  // some other sibling
        PathUtils.get(realTmpDir)             // proves java.io.tmpdir really was overridden
    };
    for (Path outside : mustStayUngranted) {
        assertNoPermissions(outside, granted);
    }

    // Read-only locations: bin, lib, modules, config, scripts, plugins.
    Path[] readOnlyDirs = {
        env.binFile(),
        env.libFile(),
        env.modulesFile(),
        env.configFile(),
        env.scriptsFile(),
        env.pluginsFile()
    };
    for (Path dir : readOnlyDirs) {
        assertExactPermissions(new FilePermission(dir.toString(), readOnly), granted);
    }

    // Read-write locations: every data path, shared data, logs and the temp dir.
    for (Path dataDir : env.dataFiles()) {
        assertExactPermissions(new FilePermission(dataDir.toString(), readWrite), granted);
    }
    for (Path dataDir : env.dataWithClusterFiles()) {
        assertExactPermissions(new FilePermission(dataDir.toString(), readWrite), granted);
    }
    assertExactPermissions(new FilePermission(env.sharedDataFile().toString(), readWrite), granted);
    assertExactPermissions(new FilePermission(env.logsFile().toString(), readWrite), granted);
    assertExactPermissions(new FilePermission(fakeTmpDir.toString(), readWrite), granted);

    // The PID file gets "delete" and nothing else (for the shutdown hook).
    assertExactPermissions(new FilePermission(env.pidFile().toString(), "delete"), granted);
}
Also used : Path(java.nio.file.Path) Permissions(java.security.Permissions) Environment(org.elasticsearch.env.Environment) FilePermission(java.io.FilePermission) Settings(org.elasticsearch.common.settings.Settings)

Example 2 with FilePermission

use of java.io.FilePermission in project elasticsearch by elastic.

the class Security method addPathIfExists.

/**
     * Add access to a directory iff it exists already
     * @param policy current policy to add permissions to
     * @param configurationName the configuration name associated with the path (for error messages only)
     * @param path the path itself
     * @param permissions set of file permissions to grant to the path
     */
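static void addPathIfExists(Permissions policy, String configurationName, Path path, String permissions) {
    // A path that is missing, or is not a directory, is skipped: nothing is granted for it.
    if (Files.isDirectory(path) == false) {
        return;
    }
    // Probe readability BEFORE touching the policy, so that a failure cannot leave
    // a grant behind for a caller that catches the IllegalStateException thrown here.
    // The probe runs against the symlink-resolved real path, while the grants below
    // are made for the path exactly as it was configured.
    try {
        path.getFileSystem().provider().checkAccess(path.toRealPath(), AccessMode.READ);
    } catch (IOException e) {
        throw new IllegalStateException("Unable to access '" + configurationName + "' (" + path + ")", e);
    }
    final String directory = path.toString();
    // Two entries are needed: one for the directory itself, and one with the "-"
    // suffix, which FilePermission treats as "everything underneath, recursively".
    policy.add(new FilePermission(directory, permissions));
    policy.add(new FilePermission(directory + path.getFileSystem().getSeparator() + "-", permissions));
}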
Also used : IOException(java.io.IOException) FilePermission(java.io.FilePermission)

Example 3 with FilePermission

use of java.io.FilePermission in project elasticsearch by elastic.

the class Security method addFilePermissions.

/**
     * Adds access to all configurable paths.
     */
static void addFilePermissions(Permissions policy, Environment environment) {
    // The only two action sets handed to addPath in this method.
    final String readOnly = "read,readlink";
    final String readWrite = "read,readlink,write,delete";
    final String homeKey = Environment.PATH_HOME_SETTING.getKey();

    // Locations granted read access only: bin, lib, modules, plugins, config, scripts.
    addPath(policy, homeKey, environment.binFile(), readOnly);
    addPath(policy, homeKey, environment.libFile(), readOnly);
    addPath(policy, homeKey, environment.modulesFile(), readOnly);
    addPath(policy, homeKey, environment.pluginsFile(), readOnly);
    addPath(policy, Environment.PATH_CONF_SETTING.getKey(), environment.configFile(), readOnly);
    addPath(policy, Environment.PATH_SCRIPTS_SETTING.getKey(), environment.scriptsFile(), readOnly);

    // Locations granted read, write and delete: temp dir, logs, shared data, data and repo paths.
    addPath(policy, "java.io.tmpdir", environment.tmpFile(), readWrite);
    addPath(policy, Environment.PATH_LOGS_SETTING.getKey(), environment.logsFile(), readWrite);
    final Path sharedData = environment.sharedDataFile();
    if (sharedData != null) {
        addPath(policy, Environment.PATH_SHARED_DATA_SETTING.getKey(), sharedData, readWrite);
    }
    final String dataKey = Environment.PATH_DATA_SETTING.getKey();
    for (Path dataDir : environment.dataFiles()) {
        addPath(policy, dataKey, dataDir, readWrite);
    }
    final String repoKey = Environment.PATH_REPO_SETTING.getKey();
    for (Path repoDir : environment.repoFiles()) {
        addPath(policy, repoKey, repoDir, readWrite);
    }

    // The PID file is the narrowest grant here: "delete" only, on that single
    // file, so it can be removed even when it lives outside the paths above.
    final Path pidFile = environment.pidFile();
    if (pidFile != null) {
        policy.add(new FilePermission(pidFile.toString(), "delete"));
    }
}
Also used : Path(java.nio.file.Path) FilePermission(java.io.FilePermission)

Example 4 with FilePermission

use of java.io.FilePermission in project elasticsearch by elastic.

the class Security method addClasspathPermissions.

/** Adds access to classpath jars/classes for jar hell scan, etc */
@SuppressForbidden(reason = "accesses fully qualified URLs to configure security")
static void addClasspathPermissions(Permissions policy) throws IOException {
    // lib/ should normally cover these entries already, but the classpath may
    // also name things outside it (e.g. agents or similar), so each entry is
    // granted read access explicitly.
    final String readOnly = "read,readlink";
    for (URL entry : JarHell.parseClassPath()) {
        final Path location;
        try {
            location = PathUtils.get(entry.toURI());
        } catch (URISyntaxException e) {
            throw new RuntimeException(e);
        }
        final String locationText = location.toString();
        // the classpath entry itself (jar file or classes directory)
        policy.add(new FilePermission(locationText, readOnly));
        if (!Files.isDirectory(location)) {
            continue;
        }
        // a directory entry additionally needs the recursive "-" form so the
        // class files underneath it are readable too
        policy.add(new FilePermission(locationText + location.getFileSystem().getSeparator() + "-", readOnly));
    }
}
Also used : Path(java.nio.file.Path) URISyntaxException(java.net.URISyntaxException) FilePermission(java.io.FilePermission) URL(java.net.URL) SuppressForbidden(org.elasticsearch.common.SuppressForbidden)

Example 5 with FilePermission

use of java.io.FilePermission in project elasticsearch by elastic.

the class ESPolicyUnitTests method testNullCodeSource.

/**
     * Test policy with null codesource.
     * <p>
     * This can happen when restricting privileges with doPrivileged,
     * even though ProtectionDomain's ctor javadocs might make you think
     * that the policy won't be consulted.
     */
public void testNullCodeSource() throws Exception {
    assumeTrue("test cannot run with security manager", System.getSecurityManager() == null);

    // Policy under test is backed by a collection that holds AllPermission.
    Permission everything = new AllPermission();
    PermissionCollection allowAll = everything.newPermissionCollection();
    allowAll.add(everything);
    ESPolicy policy = new ESPolicy(allowAll, Collections.emptyMap(), true);

    // The protection domain has a null CodeSource and an empty permission set.
    PermissionCollection empty = new Permissions();
    ProtectionDomain restricted = new ProtectionDomain(null, empty);

    // Even though the policy holds AllPermission, a domain without a code
    // source must not be granted file access through it.
    boolean allowed = policy.implies(restricted, new FilePermission("foo", "read"));
    assertFalse(allowed);
}
Also used : PermissionCollection(java.security.PermissionCollection) ProtectionDomain(java.security.ProtectionDomain) Permission(java.security.Permission) FilePermission(java.io.FilePermission) SocketPermission(java.net.SocketPermission) AllPermission(java.security.AllPermission) Permissions(java.security.Permissions) AllPermission(java.security.AllPermission) FilePermission(java.io.FilePermission)
