Thanks Alan for the clarification and the documentation fixes! This does not 
solve the "returns null if not found or otherwise denied" issue, but this is a 
problem from the early Java days, which cannot be fixed anymore (to throw 
useful Exception if resource not found).

To fix our own code (we also have some getResource[AsStream]() calls in 
Lucene's codebase without doPrivileged), I opened the following issue: 

We cannot fix this in 3rd party JARs, so we cannot remove our extra permission.

Nevertheless, the "original" issue with the symlinked home directory should be 
solved separately. I made a proposal to Max (Weijun Wang) how to fix this while 
reading the policy file. We fixed the problem locally by fixing the Jenkins 
User account running the tests to not have a symlinked user.home dir anymore.


Uwe Schindler
ASF Member, Apache Lucene PMC / Committer
Bremen, Germany

> -----Original Message-----
> From: Alan Bateman [mailto:alan.bate...@oracle.com]
> Sent: Tuesday, October 18, 2016 12:40 PM
> To: Uwe Schindler <uschind...@apache.org>; dev@lucene.apache.org;
> 'Wang Weijun' <weijun.w...@oracle.com>
> Cc: 'Dalibor Topic' <dalibor.to...@oracle.com>; 'Balchandra Vaidya'
> <balchandra.vai...@oracle.com>; 'Muneer Kolarkunnu'
> <abdul.kolarku...@oracle.com>; 'Rory O'Donnell'
> <rory.odonn...@oracle.com>; Mandy Chung <mandy.ch...@oracle.com>
> Subject: Re: [JENKINS-EA] Lucene-Solr-master-Linux (32bit/jdk-9-ea+140) -
> Build # 18064 - Unstable!
> On 18/10/2016 10:25, Uwe Schindler wrote:
> > :
> >  From my perspective this looks wrong, because there is no security
> implications documented on Class#getResource, so it is completely unclear
> that you actually need a doPrivileged when calling
> Class#getResource[AsStream](). This is a separate issue and has nothing to
> do with your changes. It was and still is broken, IMHO.
> >
> Just to say that Class#getResources has always done a permission check
> but the spec didn't properly document this. We have improved the spec in
> the jigsaw/jake forest (as part of the effort to specify how resources
> in modules are located) and this includes specifying the longstanding
> permission check [1]. I can't say yet when this will be in JSR because
> the changes in this area are tied to a number of issues under discussion
> in JSR 376.
> -Alan
> [1]
> http://download.java.net/java/jigsaw/docs/api/java/lang/Class.html#getRes
> ource-java.lang.String-
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
> For additional commands, e-mail: dev-h...@lucene.apache.org

To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org

Reply via email to