Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove connect SocketPermissions from core #22797

Merged
merged 13 commits into from Feb 3, 2017

Conversation

Projects
None yet
3 participants
@tbrooks8
Copy link
Contributor

commented Jan 26, 2017

This permission is relegated to these modules/plugins:

  • transport-netty4 module
  • reindex module
  • repository-url module
  • discovery-azure-classic plugin
  • discovery-ec2 plugin
  • discovery-gce plugin
  • repository-azure plugin
  • repository-gcs plugin
  • repository-hdfs plugin
  • repository-s3 plugin

And for tests:

  • mocksocket jar
  • rest client
  • httpcore-nio jar
  • httpasyncclient jar

tbrooks8 added some commits Jan 25, 2017

Remove connect SocketPermissions from core
This is related to #22116. Core no longer needs `SocketPermission`
`connect`.

This permission is relegated to these modules/plugins:
- transport-netty4 module
- reindex module
- repository-url module
- discovery-azure-classic plugin
- discovery-ec2 plugin
- discovery-gce plugin
- repository-azure plugin
- repository-gcs plugin
- repository-hdfs plugin
- repository-s3 plugin

And for tests:
- mocksocket jar
- rest client
- httpcore-nio jar
- httpasyncclient jar
@tbrooks8

This comment has been minimized.

Copy link
Contributor Author

commented Jan 26, 2017

A couple notes:

  1. This depends on #22793
  2. It's a little messy that I need to give permissions to rest client, httpcore-nio, and httpasyncclient in tests. But this is necessary for the rest integration tests. The doPrivileged block is at the rest client level. So the http libraries (which are called by rest) also need the permissions.
  3. Due to the way tests permission are applied, some issues can be obscured. For ex: reindex needs connect. But even if I did not give it connect, the tests would still pass. This is because it depends on transport-netty4 which has connect. And the way privileges are applied in tests, reindex dependencies get any permissions transport-netty4 when the transport-netty4 security policy is applied in reindex tests. I'm not sure if there is a clear way around this without changing the build significantly.

@tbrooks8 tbrooks8 changed the title Officially remove connect Remove connect SocketPermissions from core Jan 26, 2017

@s1monw

s1monw approved these changes Jan 27, 2017

Copy link
Contributor

left a comment

LGTM

@@ -55,8 +55,8 @@ grant {
// third party code, to safeguard these against unprivileged code like scripts.
permission org.elasticsearch.SpecialPermission;

// Allow connecting to the internet anywhere
permission java.net.SocketPermission "*", "connect,resolve";
// Allow host/ip name service lookups

This comment has been minimized.

Copy link
@s1monw

s1monw Jan 27, 2017

Contributor

w00t

@jasontedor
Copy link
Member

left a comment

I left one comment.

permission java.net.SocketPermission "*", "connect";
};

grant codeBase "${codebase.httpcore-nio-4.4.5.jar}" {

This comment has been minimized.

Copy link
@jasontedor

jasontedor Feb 2, 2017

Member

Can you add comments to the places where these dependencies are defined that if the version is changed then the version needs to be updated here too? (This comment applies to all of the dependencies for which we have to supply these permissions.)

@jasontedor
Copy link
Member

left a comment

I left one more comment.

};


grant codeBase "${codebase.rest-6.0.0-alpha1-SNAPSHOT.jar}" {

This comment has been minimized.

Copy link
@jasontedor

jasontedor Feb 2, 2017

Member

Does this one deserve a comment too, above the elasticsearch version in version.properties?

@jasontedor
Copy link
Member

left a comment

LGTM.

@tbrooks8 tbrooks8 merged commit f70188a into elastic:master Feb 3, 2017

1 of 2 checks passed

elasticsearch-ci Build finished.
Details
CLA Commit author is a member of Elasticsearch
Details

@tbrooks8 tbrooks8 deleted the tbrooks8:officially_remove_connect branch Feb 3, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.