Skip to content

Commit d9560e5

Browse files
authored
Add SecureSM support for newer IDEA versions (#49747)
IntelliJ IDEA moved their JUnit runner to a different package. While this does not break running tests in IDEA, it leads to an ugly exception being thrown at the end of the tests: Exception in thread "main" java.lang.SecurityException: java.lang.System#exit(0) calls are not allowed at org.elasticsearch.secure_sm.SecureSM$2.run(SecureSM.java:248) at org.elasticsearch.secure_sm.SecureSM$2.run(SecureSM.java:215) at java.base/java.security.AccessController.doPrivileged(AccessController.java:310) at org.elasticsearch.secure_sm.SecureSM.innerCheckExit(SecureSM.java:215) at org.elasticsearch.secure_sm.SecureSM.checkExit(SecureSM.java:206) at java.base/java.lang.Runtime.exit(Runtime.java:111) at java.base/java.lang.System.exit(System.java:1781) at com.intellij.rt.junit.JUnitStarter.main(JUnitStarter.java:59) This commit adds support for newer IDEA versions in SecureSM.
1 parent 0a9447b commit d9560e5

File tree

1 file changed

+20
-18
lines changed
  • libs/secure-sm/src/main/java/org/elasticsearch/secure_sm

1 file changed

+20
-18
lines changed

libs/secure-sm/src/main/java/org/elasticsearch/secure_sm/SecureSM.java

Lines changed: 20 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -46,16 +46,16 @@
4646
* <ul>
4747
* <li>{@code modifyThread} and {@code modifyThreadGroup} are required for any thread access
4848
* checks: with these permissions, access is granted as long as the thread group is
49-
* the same or an ancestor ({@code sourceGroup.parentOf(targetGroup) == true}).
49+
* the same or an ancestor ({@code sourceGroup.parentOf(targetGroup) == true}).
5050
* <li>code without these permissions can do very little, except to interrupt itself. It may
5151
* not even create new threads.
52-
* <li>very special cases (like test runners) that have {@link ThreadPermission} can violate
52+
* <li>very special cases (like test runners) that have {@link ThreadPermission} can violate
5353
* threadgroup security rules.
5454
* </ul>
5555
* <p>
5656
* If java security debugging ({@code java.security.debug}) is enabled, and this SecurityManager
5757
* is installed, it will emit additional debugging information when threadgroup access checks fail.
58-
*
58+
*
5959
* @see SecurityManager#checkAccess(Thread)
6060
* @see SecurityManager#checkAccess(ThreadGroup)
6161
* @see <a href="http://cs.oswego.edu/pipermail/concurrency-interest/2009-August/006508.html">
@@ -105,8 +105,10 @@ public static SecureSM createTestSecureSM() {
105105
"com\\.carrotsearch\\.ant\\.tasks\\.junit4\\.slave\\..*",
106106
// eclipse test runner
107107
"org\\.eclipse.jdt\\.internal\\.junit\\.runner\\..*",
108-
// intellij test runner
109-
"com\\.intellij\\.rt\\.execution\\.junit\\..*"
108+
// intellij test runner (before IDEA version 2019.3)
109+
"com\\.intellij\\.rt\\.execution\\.junit\\..*",
110+
// intellij test runner (since IDEA version 2019.3)
111+
"com\\.intellij\\.rt\\.junit\\..*"
110112
};
111113

112114
// java.security.debug support
@@ -122,7 +124,7 @@ public Boolean run() {
122124
}
123125
}
124126
});
125-
127+
126128
@Override
127129
@SuppressForbidden(reason = "java.security.debug messages go to standard error")
128130
public void checkAccess(Thread t) {
@@ -137,7 +139,7 @@ public void checkAccess(Thread t) {
137139
throw e;
138140
}
139141
}
140-
142+
141143
@Override
142144
@SuppressForbidden(reason = "java.security.debug messages go to standard error")
143145
public void checkAccess(ThreadGroup g) {
@@ -157,7 +159,7 @@ private void debugThreadGroups(final ThreadGroup caller, final ThreadGroup targe
157159
System.err.println("access: caller group=" + caller);
158160
System.err.println("access: target group=" + target);
159161
}
160-
162+
161163
// thread permission logic
162164

163165
private static final Permission MODIFY_THREAD_PERMISSION = new RuntimePermission("modifyThread");
@@ -168,31 +170,31 @@ protected void checkThreadAccess(Thread t) {
168170

169171
// first, check if we can modify threads at all.
170172
checkPermission(MODIFY_THREAD_PERMISSION);
171-
173+
172174
// check the threadgroup, if its our thread group or an ancestor, its fine.
173175
final ThreadGroup source = Thread.currentThread().getThreadGroup();
174176
final ThreadGroup target = t.getThreadGroup();
175-
177+
176178
if (target == null) {
177179
return; // its a dead thread, do nothing.
178180
} else if (source.parentOf(target) == false) {
179181
checkPermission(MODIFY_ARBITRARY_THREAD_PERMISSION);
180182
}
181183
}
182-
184+
183185
private static final Permission MODIFY_THREADGROUP_PERMISSION = new RuntimePermission("modifyThreadGroup");
184186
private static final Permission MODIFY_ARBITRARY_THREADGROUP_PERMISSION = new ThreadPermission("modifyArbitraryThreadGroup");
185-
187+
186188
protected void checkThreadGroupAccess(ThreadGroup g) {
187189
Objects.requireNonNull(g);
188190

189191
// first, check if we can modify thread groups at all.
190192
checkPermission(MODIFY_THREADGROUP_PERMISSION);
191-
193+
192194
// check the threadgroup, if its our thread group or an ancestor, its fine.
193195
final ThreadGroup source = Thread.currentThread().getThreadGroup();
194196
final ThreadGroup target = g;
195-
197+
196198
if (source == null) {
197199
return; // we are a dead thread, do nothing
198200
} else if (source.parentOf(target) == false) {
@@ -205,7 +207,7 @@ protected void checkThreadGroupAccess(ThreadGroup g) {
205207
public void checkExit(int status) {
206208
innerCheckExit(status);
207209
}
208-
210+
209211
/**
210212
* The "Uwe Schindler" algorithm.
211213
*
@@ -227,7 +229,7 @@ public Void run() {
227229
exitMethodHit = className + '#' + methodName + '(' + status + ')';
228230
continue;
229231
}
230-
232+
231233
if (exitMethodHit != null) {
232234
if (classesThatCanExit == null) {
233235
break;
@@ -240,15 +242,15 @@ public Void run() {
240242
break;
241243
}
242244
}
243-
245+
244246
if (exitMethodHit == null) {
245247
// should never happen, only if JVM hides stack trace - replace by generic:
246248
exitMethodHit = "JVM exit method";
247249
}
248250
throw new SecurityException(exitMethodHit + " calls are not allowed");
249251
}
250252
});
251-
253+
252254
// we passed the stack check, delegate to super, so default policy can still deny permission:
253255
super.checkExit(status);
254256
}

0 commit comments

Comments
 (0)