github-mirrors/elasticsearch
1
0
Fork 0
mirror of https://github.com/elastic/elasticsearch.git synced 2025-04-20 21:27:35 -04:00
Code Issues Projects Releases Packages Wiki Activity
elasticsearch/modules
History
Exact
Lorenzo Dematté 591a08f506
[Entitlements] Validation checks on paths (#126852) (#127055) 
With this PR we restrict the paths we allow access to, forbidding plugins to specify/request entitlements for reading or writing to specific protected directories.

I added this validation to EntitlementInitialization, as I wanted to fail fast and this is the earliest occurrence where we have all we need: PathLookup to resolve relative paths, policies (for plugins, server, agents) and the Paths for the specific directories we want to protect.

Relates to ES-10918
2025-04-19 00:44:49 +10:00
..
aggregations Don't generate stacktrace in TaskCancelledException (#125002) (#125029) 2025-03-18 03:18:27 +11:00
analysis-common [8.18] Non existing synonyms sets do not fail shard recovery (#125659) (#125796) 2025-03-28 07:39:43 +01:00
apm Add missing APM entitlements (#123462) (#123964) 2025-03-04 20:07:35 +11:00
data-streams [8.18] Improve resiliency of UpdateTimeSeriesRangeService (#126680) 2025-04-11 22:49:23 +10:00
dot-prefix-validation [8.x] Enable queryable built-in roles feature by default (#120323) (#120886) 2025-01-27 23:40:15 +11:00
health-shards-availability Update Gradle wrapper to 8.12 (#118683) (#119363) 2024-12-31 08:36:31 +01:00
ingest-attachment Silence known entitlement warnings (#124883) (#125106) 2025-03-19 03:03:24 +11:00
ingest-common DateProcessor refactoring (#124349) (#124411) 2025-03-09 05:00:39 +11:00
ingest-geoip [Entitlements] Validation checks on paths (#126852) (#127055) 2025-04-19 00:44:49 +10:00
ingest-user-agent [Entitlements] Instrumentation of NIO Files and Channels (#122816 and #122591) (#122986) (#122993) 2025-02-20 20:45:01 +11:00
kibana Fix KibanaThreadPoolIT (#120097) 2025-01-14 15:21:41 +00:00
lang-expression Convert remaining module projects to new test clusters framework (#125613) (#125676) 2025-03-27 03:53:02 +11:00
lang-mustache Convert remaining module projects to new test clusters framework (#125613) (#125676) 2025-03-27 03:53:02 +11:00
lang-painless [8.18] Fix concurrency issue in ScriptSortBuilder (#123757) (#124514) 2025-03-11 22:40:47 +11:00
legacy-geo Update Gradle wrapper to 8.13 (#122421) (#123878) 2025-03-05 15:57:38 +01:00
mapper-extras Lazy initialization for SyntheticSourceSupport.loader() (#120896) (#120915) 2025-01-29 01:34:12 +11:00
parent-join [8.x] Stop caching source map on SearchHit#getSourceMap (#119888) (#120743) 2025-01-24 06:18:44 +11:00
percolator Update Gradle wrapper to 8.12 (#118683) (#119363) 2024-12-31 08:36:31 +01:00
rank-eval Convert remaining module projects to new test clusters framework (#125613) (#125676) 2025-03-27 03:53:02 +11:00
reindex [8.18] Move system indices migration to migrate plugin (#123551) (#123934) 2025-03-04 11:37:07 +11:00
repository-azure Add manage_threads entitlement for reactor.core (#125037) (#125041) 2025-03-18 05:27:47 +11:00
repository-gcs Silence known entitlement warnings (#124883) (#125106) 2025-03-19 03:03:24 +11:00
repository-s3 Silence known entitlement warnings (#124883) (#125106) 2025-03-19 03:03:24 +11:00
repository-url Rename environment dir accessors (#121803) (#121836) 2025-02-06 10:28:25 +11:00
rest-root Update Gradle wrapper to 8.12 (#118683) (#119363) 2024-12-31 08:36:31 +01:00
runtime-fields-common Update Gradle wrapper to 8.12 (#118683) (#119363) 2024-12-31 08:36:31 +01:00
systemd Update Gradle wrapper to 8.12 (#118683) (#119363) 2024-12-31 08:36:31 +01:00
transport-netty4 Convert remaining module projects to new test clusters framework (#125613) (#125676) 2025-03-27 03:53:02 +11:00
build.gradle Add AGPLv3 as a supported license 2024-09-13 14:30:33 -07:00