예제 #1
0
  /** Initializes SecurityManager for the environment Can only happen once! */
  static void configure(Environment environment) throws Exception {
    // set properties for jar locations
    setCodebaseProperties();

    // enable security policy: union of template and environment-based paths, and possibly plugin
    // permissions
    Policy.setPolicy(
        new ESPolicy(createPermissions(environment), getPluginPermissions(environment)));

    // enable security manager
    System.setSecurityManager(
        new SecurityManager() {
          // we disable this completely, because its granted otherwise:
          // 'Note: The "exitVM.*" permission is automatically granted to
          // all code loaded from the application class path, thus enabling
          // applications to terminate themselves.'
          @Override
          public void checkExit(int status) {
            throw new SecurityException("exit(" + status + ") not allowed by system policy");
          }
        });

    // do some basic tests
    selfTest();
  }
  static {
    // just like bootstrap, initialize natives, then SM
    Bootstrap.initializeNatives(true, true);

    // initialize probes
    Bootstrap.initializeProbes();

    // check for jar hell
    try {
      JarHell.checkJarHell();
    } catch (Exception e) {
      if (Boolean.parseBoolean(System.getProperty("tests.maven"))) {
        throw new RuntimeException("found jar hell in test classpath", e);
      } else {
        Loggers.getLogger(BootstrapForTesting.class)
            .warn(
                "Your ide or custom test runner has jar hell issues, "
                    + "you might want to look into that",
                e);
      }
    }

    // make sure java.io.tmpdir exists always (in case code uses it in a static initializer)
    Path javaTmpDir =
        PathUtils.get(
            Objects.requireNonNull(
                System.getProperty("java.io.tmpdir"), "please set ${java.io.tmpdir} in pom.xml"));
    try {
      Security.ensureDirectoryExists(javaTmpDir);
    } catch (Exception e) {
      throw new RuntimeException("unable to create test temp directory", e);
    }

    // install security manager if requested
    if (systemPropertyAsBoolean("tests.security.manager", true)) {
      try {
        Security.setCodebaseProperties();
        // if its an insecure plugin, its not easy to simulate here, since we don't have a real
        // plugin install.
        // we just do our best so unit testing can work. integration tests for such plugins are
        // essential.
        String artifact = System.getProperty("tests.artifact");
        String insecurePluginProp = Security.INSECURE_PLUGINS.get(artifact);
        if (insecurePluginProp != null) {
          System.setProperty(insecurePluginProp, "file:/-");
        }
        // initialize paths the same exact way as bootstrap.
        Permissions perms = new Permissions();
        // add permissions to everything in classpath
        for (URL url : JarHell.parseClassPath()) {
          Path path = PathUtils.get(url.toURI());
          // resource itself
          perms.add(new FilePermission(path.toString(), "read,readlink"));
          // classes underneath
          perms.add(
              new FilePermission(
                  path.toString() + path.getFileSystem().getSeparator() + "-", "read,readlink"));

          // crazy jython...
          String filename = path.getFileName().toString();
          if (filename.contains("jython") && filename.endsWith(".jar")) {
            // just enough so it won't fail when it does not exist
            perms.add(new FilePermission(path.getParent().toString(), "read,readlink"));
            perms.add(
                new FilePermission(path.getParent().resolve("Lib").toString(), "read,readlink"));
          }
        }
        // java.io.tmpdir
        Security.addPath(perms, "java.io.tmpdir", javaTmpDir, "read,readlink,write,delete");
        // custom test config file
        if (Strings.hasLength(System.getProperty("tests.config"))) {
          perms.add(new FilePermission(System.getProperty("tests.config"), "read,readlink"));
        }
        // jacoco coverage output file
        if (Boolean.getBoolean("tests.coverage")) {
          Path coverageDir = PathUtils.get(System.getProperty("tests.coverage.dir"));
          perms.add(
              new FilePermission(coverageDir.resolve("jacoco.exec").toString(), "read,write"));
          // in case we get fancy and use the -integration goals later:
          perms.add(
              new FilePermission(coverageDir.resolve("jacoco-it.exec").toString(), "read,write"));
        }
        Policy.setPolicy(new ESPolicy(perms));
        System.setSecurityManager(new TestSecurityManager());
        Security.selfTest();

        if (insecurePluginProp != null) {
          // initialize the plugin class, in case it has one-time hacks (unit tests often won't do
          // this)
          String clazz = System.getProperty("tests.plugin.classname");
          if (clazz == null) {
            throw new IllegalStateException(
                "plugin classname is needed for insecure plugin unit tests");
          }
          Class.forName(clazz);
        }
      } catch (Exception e) {
        throw new RuntimeException("unable to install test security manager", e);
      }
    }
  }