Granting SecurityPermissions to extension

menostos · October 23, 2017, 2:46pm

Hi

I try to develop an x-pack extension which, as it seems, requires SecurityPermission to insertProvider.BC.
So i put this in my x-pack-extension-security.policy:

grant {
  permission java.security.SecurityPermission "insertProvider.BC";
};

This is being picked up by the x-pack/extension install script, showing that it needs to grant these permissions.

However, when I start elasticsearch i'm still getting the following:

java.security.AccessControlException: access denied ("java.security.SecurityPermission" "insertProvider.BC")

Am I doing something wrong or has this been disabled for security reasons?

rjernst · October 23, 2017, 5:43pm

You need to wrap your code requiring the permission inside a doPrivileged block. Have you read the plugin author help page?

menostos · November 8, 2017, 3:42pm

Thought I did that, or the check for permission did already fail.
Nevermind it's working now.

Topic		Replies	Views
Plugin-security.policy has not effect Elasticsearch	10	3890	February 21, 2019
Trying to install x-pack on 5.4.1 and it is failing Elasticsearch	3	1473	July 7, 2017
Plugin jars security policy Elasticsearch	9	3818	July 5, 2017
The settings of java.policy Elasticsearch	2	1114	February 8, 2019
How to customize plugin-security.policy for custom realm Elasticsearch	7	2934	February 14, 2017

Granting SecurityPermissions to extension

Related topics