Skip to content

Commit

Permalink
Remove duplicate permissions (opensearch-project#3690)
Browse files Browse the repository at this point in the history
### Description
Permission: `permission java.util.PropertyPermission "*", "read,write";`
was declared twice. Observed here:
opensearch-project#3671
I will backport it in my PR.

### Testing
[Please provide details of testing done: unit testing, integration
testing and manual testing]

### Check List
- [ ] New functionality includes testing
- [ ] New functionality has been documented
- [ ] Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and
signing off your commits, please check
[here](https://github.com/opensearch-project/OpenSearch/blob/main/CONTRIBUTING.md#developer-certificate-of-origin).

Signed-off-by: Andrey Pleskach <[email protected]>
  • Loading branch information
willyborankin authored Nov 13, 2023
1 parent 6f0f4d0 commit 7588593
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions plugin-security.policy
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,8 @@ grant {
permission javax.security.auth.AuthPermission "modifyPrivateCredentials";
permission javax.security.auth.AuthPermission "doAs";
permission javax.security.auth.kerberos.ServicePermission "*","accept";

//SAML and internal plugin policy
permission java.util.PropertyPermission "*","read,write";

//Enable when we switch to UnboundID LDAP SDK
Expand Down Expand Up @@ -74,8 +76,6 @@ grant {
//Enable this permission to debug unauthorized de-serialization attempt
//permission java.io.SerializablePermission "enableSubstitution";

//SAML policy
permission java.util.PropertyPermission "*", "read,write";
};

grant codeBase "${codebase.netty-common}" {
Expand Down

0 comments on commit 7588593

Please sign in to comment.