github-mirrors/elasticsearch
1
0
Fork 0
mirror of https://github.com/elastic/elasticsearch.git synced 2025-04-24 15:17:30 -04:00
Code Issues Projects Releases Packages Wiki Activity
elasticsearch/distribution
History
Ryan Ernst 23a47cebf1
Add plugin permission validation (#64751) 
Security manager policies within plugins currently can ask to grant any
permission (though we block some within the security manager itself at
runtime). Yet most of these permissions should never be necessary, and
some we would actively not want any plugins to be allowed to use. This
commit adds validation of plugins' policy files to restrict the
permissions allowed to be granted to a subset that is reasonable for
plugins to need. The allowed permissions are not ideal (still containing
things like suppressAccessChecks), but it is a step forward in defining
a stricter model for plugins that reduces the surface area of potential
abuse.
2020-11-19 14:21:34 -08:00
..
archives Move tasks in build scripts to task avoidance api (#64046) 2020-11-12 12:04:15 +01:00
bwc Wire local unreleased bwc versions more efficient for tests (#62473) 2020-10-01 10:45:21 +02:00
docker Fix typo in generated Dockerfile for UBI 2020-11-17 18:56:45 +00:00
licenses Add notice for bundled jdk (#40576) 2019-03-29 17:20:53 -04:00
packages Use services for archive and file operations in tasks (#62968) 2020-10-01 10:47:41 +02:00
src Windows service installation should allow multiple values in ES_JAVA_OPTS (#64254) 2020-10-30 14:13:17 -04:00
tools Add plugin permission validation (#64751) 2020-11-19 14:21:34 -08:00
build.gradle Move tasks in build scripts to task avoidance api (#64046) 2020-11-12 12:04:15 +01:00