代码拉取完成,页面将自动刷新
同步操作将从 狮子的魂/elasticsearch-jcseg 强制同步,此操作会覆盖自 Fork 仓库以来所做的任何修改,且无法恢复!!!
确定后同步将在后台操作,完成时将刷新页面,请耐心等待。
/*
* Licensed to Elasticsearch under one or more contributor
* license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright
* ownership. Elasticsearch licenses this file to you under
* the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
* @Note: from chenxin<chenxin619315@gmail.com>
* self define security policy file and extended from org/elasticsearch/bootstrap/security.policy
*/
/// // Default security policy file.
/// // On startup, BootStrap reads environment and adds additional permissions
/// // for configured paths and network binding to these.
///
/// //// SecurityManager impl:
/// //// Must have all permissions to properly perform access checks
///
/// grant codeBase "${codebase.securesm-1.1.jar}" {
/// permission java.security.AllPermission;
/// };
///
/// //// Very special jar permissions:
/// //// These are dangerous permissions that we don't want to grant to everything.
///
/// grant codeBase "${codebase.lucene-core-6.3.0.jar}" {
/// // needed to allow MMapDirectory's "unmap hack" (die unmap hack, die)
/// // java 8 package
/// permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
/// // java 9 "package"
/// permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.ref";
/// permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
/// // NOTE: also needed for RAMUsageEstimator size calculations
/// permission java.lang.RuntimePermission "accessDeclaredMembers";
/// };
///
/// grant codeBase "${codebase.lucene-misc-6.3.0.jar}" {
/// // needed to allow shard shrinking to use hard-links if possible via lucenes HardlinkCopyDirectoryWrapper
/// permission java.nio.file.LinkPermission "hard";
/// };
///
/// //// Everything else:
///
/// grant {
///
/// // checked by scripting engines, and before hacks and other issues in
/// // third party code, to safeguard these against unprivileged code like scripts.
/// permission org.elasticsearch.SpecialPermission;
///
/// // Allow connecting to the internet anywhere
/// permission java.net.SocketPermission "*", "accept,connect,resolve";
///
/// // Allow read access to all system properties
/// permission java.util.PropertyPermission "*", "read";
///
/// // TODO: clean all these property writes up, and don't allow any more in. these are all bogus!
///
/// // LuceneTestCase randomization (locale/timezone/cpus/ssd)
/// // TODO: put these in doPrivileged and move these to test-framework.policy
/// permission java.util.PropertyPermission "user.language", "write";
/// permission java.util.PropertyPermission "user.timezone", "write";
/// permission java.util.PropertyPermission "lucene.cms.override_core_count", "write";
/// permission java.util.PropertyPermission "lucene.cms.override_spins", "write";
/// // messiness in LuceneTestCase: do the above, or clean this up, or simply allow to fail if its denied
/// permission java.util.PropertyPermission "solr.solr.home", "write";
/// permission java.util.PropertyPermission "solr.data.dir", "write";
/// permission java.util.PropertyPermission "solr.directoryFactory", "write";
///
/// // set by ESTestCase to improve test reproducibility
/// // TODO: set this with gradle or some other way that repros with seed?
/// permission java.util.PropertyPermission "processors.override", "write";
///
/// // TODO: these simply trigger a noisy warning if its unable to clear the properties
/// // fix that in randomizedtesting
/// permission java.util.PropertyPermission "junit4.childvm.count", "write";
/// permission java.util.PropertyPermission "junit4.childvm.id", "write";
///
/// // needed by Settings
/// permission java.lang.RuntimePermission "getenv.*";
///
/// // thread permission for the same thread group and ancestor groups
/// // (this logic is more strict than the JDK, see SecureSM)
/// permission java.lang.RuntimePermission "modifyThread";
/// permission java.lang.RuntimePermission "modifyThreadGroup";
///
/// // needed by ExceptionSerializationTests and RestTestCase for
/// // some hackish things they do. otherwise only needed by groovy
/// // (TODO: clean this up?)
/// permission java.lang.RuntimePermission "getProtectionDomain";
///
/// // needed by HotThreads and potentially more
/// // otherwise can be provided only to test libraries
/// permission java.lang.RuntimePermission "getStackTrace";
///
/// // needed by JMX instead of getFileSystemAttributes, seems like a bug...
/// permission java.lang.RuntimePermission "getFileStoreAttributes";
///
/// // needed for jimfs and NewPathForShardsTests
/// // otherwise can be provided only to test libraries
/// permission java.lang.RuntimePermission "fileSystemProvider";
///
/// // needed by jvminfo for monitoring the jvm
/// permission java.lang.management.ManagementPermission "monitor";
///
/// // needed by JDKESLoggerTests
/// permission java.util.logging.LoggingPermission "control";
///
/// // load averages on Linux
/// permission java.io.FilePermission "/proc/loadavg", "read";
///
/// // read max virtual memory areas
/// permission java.io.FilePermission "/proc/sys/vm/max_map_count", "read";
///
/// // io stats on Linux
/// permission java.io.FilePermission "/proc/diskstats", "read";
///
/// // control group stats on Linux
/// permission java.io.FilePermission "/proc/self/cgroup", "read";
/// permission java.io.FilePermission "/sys/fs/cgroup/cpu", "read";
/// permission java.io.FilePermission "/sys/fs/cgroup/cpu/-", "read";
/// permission java.io.FilePermission "/sys/fs/cgroup/cpuacct", "read";
/// permission java.io.FilePermission "/sys/fs/cgroup/cpuacct/-", "read";
///
/// /*
/// * Limited security policy for scripts.
/// * This is what is needed for basic functionality to work.
/// */
/// // groovy IndyInterface bootstrap requires this property for indy logging
/// permission java.util.PropertyPermission "groovy.indy.logging", "read";
/// // groovy requires this to enable workaround for certain JVMs (https://github.com/apache/groovy/pull/137)
/// permission java.util.PropertyPermission "java.vm.name", "read";
/// permission java.util.PropertyPermission "groovy.use.classvalue", "read";
///
/// // needed by Rhino engine exception handling
/// permission java.util.PropertyPermission "rhino.stack.style", "read";
///
/// // needed IndyInterface selectMethod (setCallSiteTarget)
/// // TODO: clean this up / only give it to engines that really must have it
/// permission java.lang.RuntimePermission "getClassLoader";
/// };
//@Note added at 2017/01/03 by lionsoul
grant {
permission java.io.FilePermission "../lexicon/-", "read";
};
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手
