All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.elasticsearch.bootstrap.security.policy Maven / Gradle / Ivy

There is a newer version: 8.14.1
Show newest version
/*
 * Licensed to Elasticsearch under one or more contributor
 * license agreements. See the NOTICE file distributed with
 * this work for additional information regarding copyright
 * ownership. Elasticsearch licenses this file to you under
 * the Apache License, Version 2.0 (the "License"); you may
 * not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */

// Default security policy file.
// On startup, BootStrap reads environment and adds additional permissions
// for configured paths and network binding to these.

//// SecurityManager impl:
//// Must have all permissions to properly perform access checks

grant codeBase "${codebase.securesm-1.0.jar}" {
  permission java.security.AllPermission;
};

//// Very special jar permissions:
//// These are dangerous permissions that we don't want to grant to everything.

grant codeBase "${codebase.lucene-core-5.5.2.jar}" {
  // needed to allow MMapDirectory's "unmap hack" (die unmap hack, die)
  permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
  permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
};

grant codeBase "${codebase.jsr166e-1.1.0.jar}" {
  // needed for LongAdder etc
  // TODO: remove this in java 8!
  permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
  permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
};

//// Everything else:

grant {

  // checked by scripting engines, and before hacks and other issues in
  // third party code, to safeguard these against unprivileged code like scripts.
  permission org.elasticsearch.SpecialPermission;

  // Allow connecting to the internet anywhere
  permission java.net.SocketPermission "*", "accept,connect,resolve";

  // Allow read/write to all system properties
  permission java.util.PropertyPermission "*", "read,write";

  // needed by Settings
  permission java.lang.RuntimePermission "getenv.*";

  // thread permission for the same thread group and ancestor groups
  // (this logic is more strict than the JDK, see SecureSM)
  permission java.lang.RuntimePermission "modifyThread";
  permission java.lang.RuntimePermission "modifyThreadGroup";

  // needed by ExceptionSerializationTests and RestTestCase for
  // some hackish things they do. otherwise only needed by groovy 
  // (TODO: clean this up?)
  permission java.lang.RuntimePermission "getProtectionDomain";
  
  // likely not low hanging fruit...
  permission java.lang.RuntimePermission "accessDeclaredMembers";

  // needed by HotThreads and potentially more
  // otherwise can be provided only to test libraries
  permission java.lang.RuntimePermission "getStackTrace";

  // needed by JMX instead of getFileSystemAttributes, seems like a bug...
  permission java.lang.RuntimePermission "getFileStoreAttributes";

  // needed for jimfs and NewPathForShardsTests
  // otherwise can be provided only to test libraries
  permission java.lang.RuntimePermission "fileSystemProvider";

  // needed by plugin manager to set unix permissions
  permission java.lang.RuntimePermission "accessUserInformation";

  // needed by jvminfo for monitoring the jvm
  permission java.lang.management.ManagementPermission "monitor";

  // needed by JDKESLoggerTests
  permission java.util.logging.LoggingPermission "control";
};




© 2015 - 2024 Weber Informatics LLC | Privacy Policy