This is an automated email from the ASF dual-hosted git repository.
epugh pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/solr.git
The following commit(s) were added to refs/heads/main by this push:
new baabca56f9c SOLR-17109: Give security manager explicit read access to
sharedLib (#2172)
baabca56f9c is described below
commit baabca56f9cca9d967bda230fb454ae9f55f5289
Author: Tomas Eduardo Fernandez Lobbe <[email protected]>
AuthorDate: Sun Jun 9 16:19:06 2024 -0300
SOLR-17109: Give security manager explicit read access to sharedLib (#2172)
Co-authored-by: Eric Pugh <[email protected]>
---
solr/CHANGES.txt | 2 ++
solr/server/etc/security.policy | 3 +++
2 files changed, 5 insertions(+)
diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index 42748426ddd..f340847f34c 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -127,6 +127,8 @@ Improvements
* SOLR-17300: Http2SolrClient.Builder.withHttpClient now copies
HttpListenerFactory (e.g. for auth, metrics, traces, etc.)
(Sanjay Dutt, David Smiley)
+* SOLR-17109: Give security manager explicit read access to sharedLib (Tomás
Fernández Löbbe via Eric Pugh)
+
Optimizations
---------------------
* SOLR-17257: Both Minimize Cores and the Affinity replica placement
strategies would over-gather
diff --git a/solr/server/etc/security.policy b/solr/server/etc/security.policy
index 48242b23324..f207380fdfb 100644
--- a/solr/server/etc/security.policy
+++ b/solr/server/etc/security.policy
@@ -215,6 +215,9 @@ grant {
permission java.io.FilePermission "${solr.allowPaths}",
"read,write,delete,readlink";
permission java.io.FilePermission "${solr.allowPaths}${/}-",
"read,write,delete,readlink";
+ permission java.io.FilePermission "${solr.sharedLib}", "read,readlink";
+ permission java.io.FilePermission "${solr.sharedLib}${/}-", "read,readlink";
+
permission java.io.FilePermission "${log4j.configurationFile}",
"read,write,delete,readlink";
// Credentials for S3 Repository
