Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Testing of Security Manager checklist #790

Closed
27 tasks done
alisevych opened this issue Aug 25, 2022 · 1 comment
Closed
27 tasks done

Testing of Security Manager checklist #790

alisevych opened this issue Aug 25, 2022 · 1 comment
Assignees
@alisevych
Labels
ctg-qa Issue is related to QA process

Comments

@alisevych
Copy link
Member

alisevych commented Aug 25, 2022
edited
Loading

Initial set-up

Check that the IntelliJ Idea UTBot plugin can be successfully installed

  • Choose appropriate workflow from the list - with Security Manager included - plugin build used
  • Download plugin
  • Open IntelliJ IDE
  • Remove previously installed UTBot plugin
  • Install the downloaded plugin

Go through manual scenarios

Basic security

Project with JDK 17 - blocked as UTBot is incompatible with JDK 12+

Permissions

  • add PropertyPermission in ~.utbot\sandbox.policy - check test for property is not in sandbox, execute
  • add "permission java.io.FilePermission "<>", "read";" - check test for read not in sandbox, execute
  • add AllPermission in ~.utbot\sandbox.policy - check NO tests are in sandbox, try to execute (carefully!!!)
  • corrupt permission - check how UTBot fails - found Too many permissions file rereads - can slow down much #796
  • empty file
  • remove ~.utbot\sandbox.policy file - check generated tests are in sandbox

Test rendering

Code structures
@alisevych alisevych self-assigned this Aug 25, 2022
@korifey korifey moved this to Todo in UTBot Java Aug 25, 2022
@alisevych
Copy link
Member Author

alisevych commented Aug 26, 2022
edited
Loading

@Markoutte @korifey
Please advise if UTBot needs to detect the restricted operations in Threads?
The following method is not executed - AccessControlException is thrown (in logs) - that's Ok.
But the generated tests are not disabled due to Sandbox

public int read() throws Throwable {
        Thread t = new Thread("fileRead") {
            public void run()  {
                try {
                    new File("a.txt").createNewFile();
                } catch (IOException e) {
                    throw new RuntimeException(e);
                }
            }
        };
        t.start();
        Thread.sleep(500);
        return 10;
    }

@alisevych alisevych added the ctg-qa Issue is related to QA process label Aug 26, 2022
@alisevych alisevych changed the title Manual testing checklist for Security Manager Test checklist for Security Manager Aug 30, 2022
@alisevych alisevych mentioned this issue Sep 12, 2022
Open
Repository owner moved this from Todo to Done in UTBot Java Sep 12, 2022
@alisevych alisevych changed the title Test checklist for Security Manager Manual testing of Security Manager checklist Sep 14, 2022
@alisevych alisevych changed the title Manual testing of Security Manager checklist Testing of Security Manager checklist Sep 14, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@alisevych alisevych

Labels
ctg-qa Issue is related to QA process
Projects
UTBot Java
Archived in project
Milestone
No milestone
Development

No branches or pull requests
1 participant
@alisevych