elasticsearch

mirror of https://github.com/elastic/elasticsearch.git synced 2025-04-22 14:17:51 -04:00

History

Przemyslaw Gomulka 983999fb0f Improve InnocuousThread permission checks handling backport(#91704 ) (#91862 ) Improve InnocuousThread permission checks handling (`6a3855112c`) on shutdown, the jdk's InnocuousThread can try to change a thread name. This requires "java.lang.RuntimePermission" "modifyThread" permission. However InnocuousThread doe not inherit any Access Control Context and therefore have no permissions. This results in AccessControlException. This commit fixes this by skipping a check for modify thread permission if a thread is innocuous. relates #91658 and #91650 When previously described AccessControlException is thrown, it is not being catched anywhere in the Elasticsearch, hence it ends up being handled by ElasticsearchUncaughtExceptionHandler#onNonFatalUncaught This is being again being run by the thread [process reaper] which is an innocuous thread (jdk specific) and has no permissions. onNonFatalUncaught is trying to log a message, but this in turn requires java.lang.RuntimePermission" "getenv." permission. which is does not have. This again results in AccessControlException java.lang.RuntimePermission" "getenv." We can fix this by executing with doPrivileged in ElasticsearchUncaughtExceptionHandler#onNonFatalUncaught and this will stop the Security Manager's walk and will have ES's global grant permissions. backport(#91704) closes #91650	2022-11-23 19:32:23 +01:00
..
src	Improve InnocuousThread permission checks handling backport(#91704 ) (#91862 )	2022-11-23 19:32:23 +01:00
build.gradle	[7.17] Rework testing conventions gradle plugin (#87213 ) (#88422 )	2022-07-12 10:58:40 +02:00

Przemyslaw Gomulka 983999fb0f

Improve InnocuousThread permission checks handling backport(#91704 ) (#91862 )

Improve InnocuousThread permission checks handling (6a3855112c)

on shutdown, the jdk's InnocuousThread can try to change a thread name. This requires "java.lang.RuntimePermission" "modifyThread" permission. However InnocuousThread doe not inherit any Access Control Context and therefore have no permissions. This results in AccessControlException.
This commit fixes this by skipping a check for modify thread permission if a thread is innocuous.
relates #91658 and #91650

When previously described AccessControlException is thrown, it is not being catched anywhere in the Elasticsearch, hence it ends up being handled by ElasticsearchUncaughtExceptionHandler#onNonFatalUncaught
This is being again being run by the thread [process reaper] which is an innocuous thread (jdk specific) and has no permissions. onNonFatalUncaught is trying to log a message, but this in turn requires java.lang.RuntimePermission" "getenv." permission. which is does not have. This again results in AccessControlException java.lang.RuntimePermission" "getenv."

We can fix this by executing with doPrivileged in ElasticsearchUncaughtExceptionHandler#onNonFatalUncaught and this will stop the Security Manager's walk and will have ES's global grant permissions.
backport(#91704)
closes #91650

2022-11-23 19:32:23 +01:00

src Improve InnocuousThread permission checks handling backport(#91704 ) (#91862 ) 2022-11-23 19:32:23 +01:00

build.gradle [7.17] Rework testing conventions gradle plugin (#87213 ) (#88422 ) 2022-07-12 10:58:40 +02:00