Search in sources :

Example 1 with Permissions

use of java.security.Permissions in project elasticsearch by elastic.

the class ESPolicyUnitTests method testNullCodeSource.

/**
     * Test policy with null codesource.
     * <p>
     * This can happen when restricting privileges with doPrivileged,
     * even though ProtectionDomain's ctor javadocs might make you think
     * that the policy won't be consulted.
     */
public void testNullCodeSource() throws Exception {
    assumeTrue("test cannot run with security manager", System.getSecurityManager() == null);
    // create a policy with AllPermission
    Permission all = new AllPermission();
    PermissionCollection allCollection = all.newPermissionCollection();
    allCollection.add(all);
    ESPolicy policy = new ESPolicy(allCollection, Collections.emptyMap(), true);
    // restrict ourselves to NoPermission
    PermissionCollection noPermissions = new Permissions();
    assertFalse(policy.implies(new ProtectionDomain(null, noPermissions), new FilePermission("foo", "read")));
}
Also used : PermissionCollection(java.security.PermissionCollection) ProtectionDomain(java.security.ProtectionDomain) Permission(java.security.Permission) FilePermission(java.io.FilePermission) SocketPermission(java.net.SocketPermission) AllPermission(java.security.AllPermission) Permissions(java.security.Permissions) AllPermission(java.security.AllPermission) FilePermission(java.io.FilePermission)

Example 2 with Permissions

use of java.security.Permissions in project elasticsearch by elastic.

the class ESPolicyUnitTests method testNullLocation.

/**
     * test with null location
     * <p>
     * its unclear when/if this happens, see https://bugs.openjdk.java.net/browse/JDK-8129972
     */
public void testNullLocation() throws Exception {
    assumeTrue("test cannot run with security manager", System.getSecurityManager() == null);
    PermissionCollection noPermissions = new Permissions();
    ESPolicy policy = new ESPolicy(noPermissions, Collections.emptyMap(), true);
    assertFalse(policy.implies(new ProtectionDomain(new CodeSource(null, (Certificate[]) null), noPermissions), new FilePermission("foo", "read")));
}
Also used : PermissionCollection(java.security.PermissionCollection) ProtectionDomain(java.security.ProtectionDomain) Permissions(java.security.Permissions) CodeSource(java.security.CodeSource) FilePermission(java.io.FilePermission)

Example 3 with Permissions

use of java.security.Permissions in project elasticsearch by elastic.

the class PluginSecurityTests method testParsePermissions.

/** Test that we can parse the set of permissions correctly for a simple policy */
public void testParsePermissions() throws Exception {
    assumeTrue("test cannot run with security manager enabled", System.getSecurityManager() == null);
    Path scratch = createTempDir();
    Path testFile = this.getDataPath("security/simple-plugin-security.policy");
    Permissions expected = new Permissions();
    expected.add(new RuntimePermission("queuePrintJob"));
    PermissionCollection actual = PluginSecurity.parsePermissions(Terminal.DEFAULT, testFile, scratch);
    assertEquals(expected, actual);
}
Also used : Path(java.nio.file.Path) PermissionCollection(java.security.PermissionCollection) Permissions(java.security.Permissions)

Example 4 with Permissions

use of java.security.Permissions in project elasticsearch by elastic.

the class EvilSecurityTests method testEnvironmentPaths.

/** test generated permissions for all configured paths */
// needs to check settings for deprecated path
@SuppressWarnings("deprecation")
public void testEnvironmentPaths() throws Exception {
    Path path = createTempDir();
    // make a fake ES home and ensure we only grant permissions to that.
    Path esHome = path.resolve("esHome");
    Settings.Builder settingsBuilder = Settings.builder();
    settingsBuilder.put(Environment.PATH_HOME_SETTING.getKey(), esHome.resolve("home").toString());
    settingsBuilder.put(Environment.PATH_CONF_SETTING.getKey(), esHome.resolve("conf").toString());
    settingsBuilder.put(Environment.PATH_SCRIPTS_SETTING.getKey(), esHome.resolve("scripts").toString());
    settingsBuilder.putArray(Environment.PATH_DATA_SETTING.getKey(), esHome.resolve("data1").toString(), esHome.resolve("data2").toString());
    settingsBuilder.put(Environment.PATH_SHARED_DATA_SETTING.getKey(), esHome.resolve("custom").toString());
    settingsBuilder.put(Environment.PATH_LOGS_SETTING.getKey(), esHome.resolve("logs").toString());
    settingsBuilder.put(Environment.PIDFILE_SETTING.getKey(), esHome.resolve("test.pid").toString());
    Settings settings = settingsBuilder.build();
    Path fakeTmpDir = createTempDir();
    String realTmpDir = System.getProperty("java.io.tmpdir");
    Permissions permissions;
    Environment environment;
    try {
        System.setProperty("java.io.tmpdir", fakeTmpDir.toString());
        environment = new Environment(settings);
        permissions = Security.createPermissions(environment);
    } finally {
        System.setProperty("java.io.tmpdir", realTmpDir);
    }
    // the fake es home
    assertNoPermissions(esHome, permissions);
    // its parent
    assertNoPermissions(esHome.getParent(), permissions);
    // some other sibling
    assertNoPermissions(esHome.getParent().resolve("other"), permissions);
    // double check we overwrote java.io.tmpdir correctly for the test
    assertNoPermissions(PathUtils.get(realTmpDir), permissions);
    // check that all directories got permissions:
    // bin file: ro
    assertExactPermissions(new FilePermission(environment.binFile().toString(), "read,readlink"), permissions);
    // lib file: ro
    assertExactPermissions(new FilePermission(environment.libFile().toString(), "read,readlink"), permissions);
    // modules file: ro
    assertExactPermissions(new FilePermission(environment.modulesFile().toString(), "read,readlink"), permissions);
    // config file: ro
    assertExactPermissions(new FilePermission(environment.configFile().toString(), "read,readlink"), permissions);
    // scripts file: ro
    assertExactPermissions(new FilePermission(environment.scriptsFile().toString(), "read,readlink"), permissions);
    // plugins: ro
    assertExactPermissions(new FilePermission(environment.pluginsFile().toString(), "read,readlink"), permissions);
    // data paths: r/w
    for (Path dataPath : environment.dataFiles()) {
        assertExactPermissions(new FilePermission(dataPath.toString(), "read,readlink,write,delete"), permissions);
    }
    for (Path dataPath : environment.dataWithClusterFiles()) {
        assertExactPermissions(new FilePermission(dataPath.toString(), "read,readlink,write,delete"), permissions);
    }
    assertExactPermissions(new FilePermission(environment.sharedDataFile().toString(), "read,readlink,write,delete"), permissions);
    // logs: r/w
    assertExactPermissions(new FilePermission(environment.logsFile().toString(), "read,readlink,write,delete"), permissions);
    // temp dir: r/w
    assertExactPermissions(new FilePermission(fakeTmpDir.toString(), "read,readlink,write,delete"), permissions);
    // PID file: delete only (for the shutdown hook)
    assertExactPermissions(new FilePermission(environment.pidFile().toString(), "delete"), permissions);
}
Also used : Path(java.nio.file.Path) Permissions(java.security.Permissions) Environment(org.elasticsearch.env.Environment) FilePermission(java.io.FilePermission) Settings(org.elasticsearch.common.settings.Settings)

Example 5 with Permissions

use of java.security.Permissions in project elasticsearch by elastic.

the class EvilSecurityTests method testGeneratedPermissions.

/** test generated permissions */
public void testGeneratedPermissions() throws Exception {
    Path path = createTempDir();
    // make a fake ES home and ensure we only grant permissions to that.
    Path esHome = path.resolve("esHome");
    Settings.Builder settingsBuilder = Settings.builder();
    settingsBuilder.put(Environment.PATH_HOME_SETTING.getKey(), esHome.toString());
    Settings settings = settingsBuilder.build();
    Path fakeTmpDir = createTempDir();
    String realTmpDir = System.getProperty("java.io.tmpdir");
    Permissions permissions;
    try {
        System.setProperty("java.io.tmpdir", fakeTmpDir.toString());
        Environment environment = new Environment(settings);
        permissions = Security.createPermissions(environment);
    } finally {
        System.setProperty("java.io.tmpdir", realTmpDir);
    }
    // the fake es home
    assertNoPermissions(esHome, permissions);
    // its parent
    assertNoPermissions(esHome.getParent(), permissions);
    // some other sibling
    assertNoPermissions(esHome.getParent().resolve("other"), permissions);
    // double check we overwrote java.io.tmpdir correctly for the test
    assertNoPermissions(PathUtils.get(realTmpDir), permissions);
}
Also used : Path(java.nio.file.Path) Permissions(java.security.Permissions) Environment(org.elasticsearch.env.Environment) Settings(org.elasticsearch.common.settings.Settings)

Aggregations

Permissions (java.security.Permissions)35 ProtectionDomain (java.security.ProtectionDomain)21 PermissionCollection (java.security.PermissionCollection)16 AccessControlContext (java.security.AccessControlContext)13 Permission (java.security.Permission)11 FilePermission (java.io.FilePermission)10 CodeSource (java.security.CodeSource)10 SocketPermission (java.net.SocketPermission)7 Path (java.nio.file.Path)6 Policy (java.security.Policy)6 AllPermission (java.security.AllPermission)5 Certificate (java.security.cert.Certificate)5 URLClassLoader (java.net.URLClassLoader)4 File (java.io.File)3 IOException (java.io.IOException)3 SecurityPermission (java.security.SecurityPermission)2 UnresolvedPermission (java.security.UnresolvedPermission)2 ArrayList (java.util.ArrayList)2 Settings (org.elasticsearch.common.settings.Settings)2 Environment (org.elasticsearch.env.Environment)2