This is an automated email from the ASF dual-hosted git repository.
epugh pushed a commit to branch branch_9x
in repository https://gitbox.apache.org/repos/asf/solr.git
The following commit(s) were added to refs/heads/branch_9x by this push:
new b7f6be0f62d SOLR-17109: Give security manager explicit read access to
sharedLib (#2172)
b7f6be0f62d is described below
commit b7f6be0f62dc7b0e8d1a910d74c903f5bcfe0298
Author: Tomas Eduardo Fernandez Lobbe <[email protected]>
AuthorDate: Sun Jun 9 16:19:06 2024 -0300
SOLR-17109: Give security manager explicit read access to sharedLib (#2172)
Co-authored-by: Eric Pugh <[email protected]>
---
solr/CHANGES.txt | 2 ++
solr/server/etc/security.policy | 3 +++
2 files changed, 5 insertions(+)
diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index dfc6c3158b4..267d99ddf2c 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -31,6 +31,8 @@ Improvements
* SOLR-17300: Http2SolrClient.Builder.withHttpClient now copies
HttpListenerFactory (e.g. for auth, metrics, traces, etc.)
(Sanjay Dutt, David Smiley)
+* SOLR-17109: Give security manager explicit read access to sharedLib (Tomás
Fernández Löbbe via Eric Pugh)
+
Optimizations
---------------------
* SOLR-17257: Both Minimize Cores and the Affinity replica placement
strategies would over-gather
diff --git a/solr/server/etc/security.policy b/solr/server/etc/security.policy
index 48242b23324..f207380fdfb 100644
--- a/solr/server/etc/security.policy
+++ b/solr/server/etc/security.policy
@@ -215,6 +215,9 @@ grant {
permission java.io.FilePermission "${solr.allowPaths}",
"read,write,delete,readlink";
permission java.io.FilePermission "${solr.allowPaths}${/}-",
"read,write,delete,readlink";
+ permission java.io.FilePermission "${solr.sharedLib}", "read,readlink";
+ permission java.io.FilePermission "${solr.sharedLib}${/}-", "read,readlink";
+
permission java.io.FilePermission "${log4j.configurationFile}",
"read,write,delete,readlink";
// Credentials for S3 Repository
