-
Notifications
You must be signed in to change notification settings - Fork 528
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Not allowed perform sensitive operations via gremlin
Implement #145 Change-Id: I9a590fe40d3b5a808b569ed0af8fd83214a2941a
- Loading branch information
Showing
6 changed files
with
209 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
20 changes: 20 additions & 0 deletions
20
hugegraph-core/src/main/java/com/baidu/hugegraph/exception/SecurityException.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
/* | ||
* Copyright (C) 2018 Baidu, Inc. All Rights Reserved. | ||
*/ | ||
|
||
package com.baidu.hugegraph.exception; | ||
|
||
import com.baidu.hugegraph.HugeException; | ||
|
||
public class SecurityException extends HugeException { | ||
|
||
private static final long serialVersionUID = -1427924451828873200L; | ||
|
||
public SecurityException(String message) { | ||
super(message); | ||
} | ||
|
||
public SecurityException(String message, Object... args) { | ||
super(message, args); | ||
} | ||
} |
129 changes: 129 additions & 0 deletions
129
hugegraph-core/src/main/java/com/baidu/hugegraph/security/HugeSecurityManager.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,129 @@ | ||
/* | ||
* Copyright (C) 2018 Baidu, Inc. All Rights Reserved. | ||
*/ | ||
|
||
package com.baidu.hugegraph.security; | ||
|
||
import java.io.FileDescriptor; | ||
import java.security.Permission; | ||
|
||
import org.slf4j.Logger; | ||
|
||
import com.baidu.hugegraph.util.Log; | ||
|
||
public class HugeSecurityManager extends SecurityManager { | ||
|
||
private static final Logger LOG = Log.logger(HugeSecurityManager.class); | ||
|
||
private static final String GremlinExecutor_Class = | ||
"org.apache.tinkerpop.gremlin.groovy.engine.ScriptEngines"; | ||
|
||
@Override | ||
public void checkPermission(Permission permission) { | ||
// allow anything. | ||
} | ||
|
||
@Override | ||
public void checkPermission(Permission permission, Object context) { | ||
// allow anything. | ||
} | ||
|
||
@Override | ||
public void checkAccess(ThreadGroup g) { | ||
if (this.callFromGremlin()) { | ||
throw new SecurityException( | ||
"Not allowed to modify thread via gremlin"); | ||
} else { | ||
super.checkAccess(g); | ||
} | ||
} | ||
|
||
@Override | ||
public void checkExit(int status) { | ||
if (this.callFromGremlin()) { | ||
throw new SecurityException( | ||
"Not allowed to call System.exit() via gremlin"); | ||
} else { | ||
super.checkExit(status); | ||
} | ||
} | ||
|
||
@Override | ||
public void checkRead(FileDescriptor fd) { | ||
if (this.callFromGremlin()) { | ||
throw new SecurityException( | ||
"Not allowed to read file via gremlin"); | ||
} else { | ||
super.checkRead(fd); | ||
} | ||
} | ||
|
||
// @Override | ||
// public void checkRead(String file) { | ||
// if (this.callFromGremlin()) { | ||
// throw new SecurityException("Not allowed to read file via gremlin"); | ||
// } else { | ||
// super.checkRead(file); | ||
// } | ||
// } | ||
// | ||
// @Override | ||
// public void checkRead(String file, Object context) { | ||
// if (this.callFromGremlin()) { | ||
// throw new SecurityException("Not allowed to read file via gremlin"); | ||
// } else { | ||
// super.checkRead(file, context); | ||
// } | ||
// } | ||
|
||
@Override | ||
public void checkWrite(FileDescriptor fd) { | ||
if (this.callFromGremlin()) { | ||
throw new SecurityException( | ||
"Not allowed to write file via gremlin"); | ||
} else { | ||
super.checkWrite(fd); | ||
} | ||
} | ||
|
||
@Override | ||
public void checkWrite(String file) { | ||
if (this.callFromGremlin()) { | ||
throw new SecurityException( | ||
"Not allowed to write file via gremlin"); | ||
} else { | ||
super.checkWrite(file); | ||
} | ||
} | ||
|
||
@Override | ||
public void checkAccept(String host, int port) { | ||
if (this.callFromGremlin()) { | ||
throw new SecurityException( | ||
"Not allowed to accept connect via gremlin"); | ||
} else { | ||
super.checkAccept(host, port); | ||
} | ||
} | ||
|
||
@Override | ||
public void checkConnect(String host, int port) { | ||
if (this.callFromGremlin()) { | ||
throw new SecurityException( | ||
"Not allowed to connect socket via gremlin"); | ||
} else { | ||
super.checkConnect(host, port); | ||
} | ||
} | ||
|
||
private boolean callFromGremlin() { | ||
StackTraceElement elements[] = Thread.currentThread().getStackTrace(); | ||
for (StackTraceElement element : elements) { | ||
String className = element.getClassName(); | ||
if (GremlinExecutor_Class.equals(className)) { | ||
return true; | ||
} | ||
} | ||
return false; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
// Standard extensions get all permissions by default | ||
|
||
// 目录要使用变量 | ||
grant codeBase "file:/Users/liningrui/IdeaProjects/baidu/xbu-data/hugegraph/hugegraph-0.8.0/hugegraph-core-0.8.0.jar" { | ||
permission java.security.AllPermission; | ||
}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters