[
https://issues.apache.org/jira/browse/LUCENE-4337?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13445285#comment-13445285
]
Uwe Schindler commented on LUCENE-4337:
---------------------------------------
Just to conclude some problems we had and why I fixed it, also for ASF Jenkins:
# The security policy does not prevent java classes from LISTEN on any ip
adresses. Policys only check the port number. So if you bind to 0.0.0.0:123 or
127.0.0.1:123 or a.b.c.d:123 makes no difference if port 123 is allowed by
security policy.
# The security policy as we have it does not grant ACCEPT on any different
address than localhost. This means although all Solr servers opening public
ports on 0.0.0.0 while running tests, *the Java 'Firewall' (LOL) protects you
by only allowing connections from localhost not external IPs*
# The policy pattern to do this is defaulting by JDK's to "localhost:1024-",
which means it may accept connections from localhost on remote ports >= 1024
(as client, means remote socket address as seen from acceptor) and it may
listen only on ports >= 1024. This works perfectly unless you have a broken
network configuration, so we added additional policies:
- As localhost may point not necessarily to 127.0.0.1 or ::1 (could be
127.0.0.2 or the public IP, some /etc/hosts are wrong in regard to this,
sometimes windows), but Solr clients in tests always use "127.0.0.1"
(hardcoded) as target address, the connection would be disallowed. So I added
in addition to "localhost:1024-" we added "127.0.0.1:1024-" and "[::1]:1024-"
as ACCEPT granted.
- On the ASF Jenkins server we had another address problem, see:
[http://freebsd.1045724.n5.nabble.com/jail-external-and-localhost-distinction-td3967320.html].
To explain: In FreeBSD Jails the localhost interface does not exist inside
Jails, its emulated by the kernel of the main OS by mapping it to the
real-world global IP. This causes that connections *to* localhost appear to the
server you are connecting to like they would come from the public outside IP,
but the security policy wants localhost. As ASF Jenkins is the only Jail we are
working with and this setup is broken (a lot of software does not like that), I
added another grant entry just for the public IP of ASF Jenkins so it accepts
connections from this IP.
Finally Robert fixed the recent Jenkins issue caused by the security filesystem
sandbox, so the clover tests were not able to write the clover.db file outside
the sandbox. Thanks Robert!
> Create Java security manager for forcible asserting behaviours in testing
> -------------------------------------------------------------------------
>
> Key: LUCENE-4337
> URL: https://issues.apache.org/jira/browse/LUCENE-4337
> Project: Lucene - Core
> Issue Type: Bug
> Affects Versions: 4.0-BETA
> Reporter: Greg Bowyer
> Assignee: Uwe Schindler
> Fix For: 5.0, 4.0
>
> Attachments: ChrootSecurityManager.java,
> ChrootSecurityManagerTest.java, LUCENE-4337.patch, LUCENE-4337.patch,
> LUCENE-4337.patch
>
>
> Following on from conversations about mutation testing, there is an interest
> in building a Java security manager that is able to assert / guarantee
> certain behaviours
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
