Only grant connect,accept permissions to transport-netty4 #22116

@s1monw

Today we still grant a quite scary permission to core:

  // Allow connecting to the internet anywhere
  permission java.net.SocketPermission "*", "accept,connect,resolve";

But since we now have netty4 moved to a module, we can potentially move this into the module's security policy. Yet, there are a bunch of things that need fixing until we can do that:

  • since we use MockTcpTransport from our test framework, this needs to have the same permissions granted. Yet, if we just go ahead and grant accept,connect to the test-framework we might run into trouble since our tests will just inherit that permission, i.e. if unit and pseudo integ-tests are run, since we don't grant this to a codebase. We might want to add some kind of MockSocket project just like SecureMock that we can grant this permission to and that we can depend on for testing.
  • netty-4 still has issues with missing doPrivileged blocks that need fixing
  • move URLRepository somewhere else since it uses connect and core shouldn't establish any kind of connection. (this can be a second step, we can first start removing accept from the list.)
  • some other plugins like ec2 / gce etc. might need extra permission to connect to their endpoints, which needs manual testing

Here is an example of a missing doPrivileged block:

> Throwable #1: java.security.AccessControlException: access denied ("java.net.SocketPermission" "[fe80:0:0:0:0:0:0:1%1]:52661" "connect,resolve")
   > 	at __randomizedtesting.SeedInfo.seed([8FDA867CA1C20E0D:47AB82401EC3F2C5]:0)
   > 	at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
   > 	at java.security.AccessController.checkPermission(AccessController.java:884)
   > 	at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
   > 	at java.lang.SecurityManager.checkConnect(SecurityManager.java:1051)
   > 	at sun.nio.ch.SocketChannelImpl.connect(SocketChannelImpl.java:625)
   > 	at io.netty.channel.socket.nio.NioSocketChannel.doConnect(NioSocketChannel.java:331)
   > 	at io.netty.channel.nio.AbstractNioChannel$AbstractNioUnsafe.connect(AbstractNioChannel.java:254)
   > 	at io.netty.channel.DefaultChannelPipeline$HeadContext.connect(DefaultChannelPipeline.java:1266)
   > 	at io.netty.channel.AbstractChannelHandlerContext.invokeConnect(AbstractChannelHandlerContext.java:556)
   > 	at io.netty.channel.AbstractChannelHandlerContext.connect(AbstractChannelHandlerContext.java:541)
   > 	at io.netty.channel.ChannelOutboundHandlerAdapter.connect(ChannelOutboundHandlerAdapter.java:47)
   > 	at io.netty.channel.AbstractChannelHandlerContext.invokeConnect(AbstractChannelHandlerContext.java:556)
   > 	at io.netty.channel.AbstractChannelHandlerContext.connect(AbstractChannelHandlerContext.java:541)
   > 	at io.netty.channel.AbstractChannelHandlerContext.connect(AbstractChannelHandlerContext.java:523)
   > 	at io.netty.channel.DefaultChannelPipeline.connect(DefaultChannelPipeline.java:985)
   > 	at io.netty.channel.AbstractChannel.connect(AbstractChannel.java:255)
   > 	at io.netty.bootstrap.Bootstrap$3.run(Bootstrap.java:252)
   > 	at io.netty.util.concurrent.AbstractEventExecutor.safeExecute(AbstractEventExecutor.java:163)
   > 	at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:418)
   > 	at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:454)
   > 	at io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:873)
   > 	at io.netty.util.concurrent.DefaultThreadFactory$DefaultRunnableDecorator.run(DefaultThreadFactory.java:144)
   > 	at java.lang.Thread.run(Thread.java:745)
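
The kind of doPrivileged wrapper the issue refers to, as an added example that is not part of the original issue and is not Elasticsearch or Netty code. `SocketAccess` and its methods are hypothetical names, and it assumes the policy grants `SocketPermission` only to the codebase that contains this class.

```java
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;

/** Hypothetical helper; the class and method names are illustrative only. */
public final class SocketAccess {
    private SocketAccess() {}

    // Kept private on purpose: a public "run anything privileged" method would let
    // any caller borrow this codebase's SocketPermission.
    private static <T> T privileged(PrivilegedExceptionAction<T> op) throws IOException {
        try {
            // The permission stack walk stops at this frame, so callers further up
            // and the context the thread inherited are not consulted.
            return AccessController.doPrivileged(op);
        } catch (PrivilegedActionException e) {
            Exception cause = e.getException(); // the checked exception thrown by op
            throw cause instanceof IOException ? (IOException) cause : new IOException(cause);
        }
    }

    /** The one narrow operation exposed to less-privileged callers. */
    public static Socket connect(InetSocketAddress addr, int timeoutMillis) throws IOException {
        return privileged(() -> {
            Socket s = new Socket();
            try {
                s.connect(addr, timeoutMillis); // triggers SecurityManager.checkConnect
                return s;
            } catch (IOException e) {
                s.close(); // do not leak the descriptor on a failed connect
                throw e;
            }
        });
    }

    // Constructed demo: connect to a loopback listener opened by this same process.
    public static void main(String[] args) throws IOException {
        InetAddress lo = InetAddress.getLoopbackAddress();
        try (ServerSocket server = new ServerSocket(0, 1, lo);
             Socket client = connect(new InetSocketAddress(lo, server.getLocalPort()), 1000)) {
            System.out.println("connected: " + client.isConnected());
        }
    }
}
```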
