/** * Sets properties (codebase URLs) for policy files. JAR locations are not fixed so we have to * find the locations of the ones we want. */ @SuppressForbidden(reason = "proper use of URL") static void setCodebaseProperties() { for (URL url : JarHell.parseClassPath()) { for (Map.Entry<Pattern, String> e : SPECIAL_JARS.entrySet()) { if (e.getKey().matcher(url.getPath()).matches()) { String prop = e.getValue(); if (System.getProperty(prop) != null) { throw new IllegalStateException( "property: " + prop + " is unexpectedly set: " + System.getProperty(prop)); } System.setProperty(prop, url.toString()); } } } for (String prop : SPECIAL_JARS.values()) { if (System.getProperty(prop) == null) { System.setProperty(prop, "file:/dev/null"); // no chance to be interpreted as "all" } } }
/** Adds access to classpath jars/classes for jar hell scan, etc */ @SuppressForbidden(reason = "accesses fully qualified URLs to configure security") static void addClasspathPermissions(Permissions policy) throws IOException { // add permissions to everything in classpath // really it should be covered by lib/, but there could be e.g. agents or similar configured) for (URL url : JarHell.parseClassPath()) { Path path; try { path = PathUtils.get(url.toURI()); } catch (URISyntaxException e) { throw new RuntimeException(e); } // resource itself policy.add(new FilePermission(path.toString(), "read,readlink")); // classes underneath if (Files.isDirectory(path)) { policy.add( new FilePermission( path.toString() + path.getFileSystem().getSeparator() + "-", "read,readlink")); } } }
static { // just like bootstrap, initialize natives, then SM Bootstrap.initializeNatives(true, true); // initialize probes Bootstrap.initializeProbes(); // check for jar hell try { JarHell.checkJarHell(); } catch (Exception e) { if (Boolean.parseBoolean(System.getProperty("tests.maven"))) { throw new RuntimeException("found jar hell in test classpath", e); } else { Loggers.getLogger(BootstrapForTesting.class) .warn( "Your ide or custom test runner has jar hell issues, " + "you might want to look into that", e); } } // make sure java.io.tmpdir exists always (in case code uses it in a static initializer) Path javaTmpDir = PathUtils.get( Objects.requireNonNull( System.getProperty("java.io.tmpdir"), "please set ${java.io.tmpdir} in pom.xml")); try { Security.ensureDirectoryExists(javaTmpDir); } catch (Exception e) { throw new RuntimeException("unable to create test temp directory", e); } // install security manager if requested if (systemPropertyAsBoolean("tests.security.manager", true)) { try { Security.setCodebaseProperties(); // if its an insecure plugin, its not easy to simulate here, since we don't have a real // plugin install. // we just do our best so unit testing can work. integration tests for such plugins are // essential. String artifact = System.getProperty("tests.artifact"); String insecurePluginProp = Security.INSECURE_PLUGINS.get(artifact); if (insecurePluginProp != null) { System.setProperty(insecurePluginProp, "file:/-"); } // initialize paths the same exact way as bootstrap. Permissions perms = new Permissions(); // add permissions to everything in classpath for (URL url : JarHell.parseClassPath()) { Path path = PathUtils.get(url.toURI()); // resource itself perms.add(new FilePermission(path.toString(), "read,readlink")); // classes underneath perms.add( new FilePermission( path.toString() + path.getFileSystem().getSeparator() + "-", "read,readlink")); // crazy jython... String filename = path.getFileName().toString(); if (filename.contains("jython") && filename.endsWith(".jar")) { // just enough so it won't fail when it does not exist perms.add(new FilePermission(path.getParent().toString(), "read,readlink")); perms.add( new FilePermission(path.getParent().resolve("Lib").toString(), "read,readlink")); } } // java.io.tmpdir Security.addPath(perms, "java.io.tmpdir", javaTmpDir, "read,readlink,write,delete"); // custom test config file if (Strings.hasLength(System.getProperty("tests.config"))) { perms.add(new FilePermission(System.getProperty("tests.config"), "read,readlink")); } // jacoco coverage output file if (Boolean.getBoolean("tests.coverage")) { Path coverageDir = PathUtils.get(System.getProperty("tests.coverage.dir")); perms.add( new FilePermission(coverageDir.resolve("jacoco.exec").toString(), "read,write")); // in case we get fancy and use the -integration goals later: perms.add( new FilePermission(coverageDir.resolve("jacoco-it.exec").toString(), "read,write")); } Policy.setPolicy(new ESPolicy(perms)); System.setSecurityManager(new TestSecurityManager()); Security.selfTest(); if (insecurePluginProp != null) { // initialize the plugin class, in case it has one-time hacks (unit tests often won't do // this) String clazz = System.getProperty("tests.plugin.classname"); if (clazz == null) { throw new IllegalStateException( "plugin classname is needed for insecure plugin unit tests"); } Class.forName(clazz); } } catch (Exception e) { throw new RuntimeException("unable to install test security manager", e); } } }