lujiefsi edited a comment on pull request #5066:
URL: https://github.com/apache/cloudstack/pull/5066#issuecomment-853515133


   Hi @rhtyd, yes, most of the template-related registration and operations
actually run in ssvm, which is not generally accessible. What I am concerned
about is the code below:
   
     protected boolean swiftUploadMetadataFile(SwiftTO swift, File srcFile, String containerName, String uniqueName) throws IOException {

         File uniqDir = _storage.createUniqDir();
         String metaFileName = uniqDir.getAbsolutePath() + File.separator + _tmpltpp;
         _storage.create(uniqDir.getAbsolutePath(), _tmpltpp); // metafile is created

         long virtualSize = getVirtualSize(srcFile, getTemplateFormat(srcFile.getName()));

         // metafile is written with uniquename, filename, size, virtualsize
         File metaFile = swiftWriteMetadataFile(metaFileName, uniqueName, srcFile.getName(), srcFile.length(), virtualSize);

         SwiftUtil.putObject(swift, metaFile, containerName, _tmpltpp);
         metaFile.delete();
         uniqDir.delete();

         return true;
     }
   
   Are the uniquename, filename, size and virtualsize sensitive? If not, that's
ok.

   I also still have another concern: if others use JavaStorageLayer as a
library in the future, they may not be aware that the tmp dir created by
createUniqDir is world-readable.

   Meanwhile, I have added a new commit to fix the potential NPE when the tmp
dir does not exist.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]
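
Added example (not part of the original comment or of the CloudStack code base): one way a createUniqDir-style helper could create its directory and metadata file with owner-only permissions on a POSIX file system, so the result does not depend on the process umask. The class name, method names, file name and metadata values are hypothetical and constructed for illustration.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.FileAttribute;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.Set;

public class PrivateTempDirExample {
    // Owner-only modes, applied at creation time rather than with a later chmod.
    private static final FileAttribute<Set<PosixFilePermission>> DIR_0700 =
            PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rwx------"));
    private static final FileAttribute<Set<PosixFilePermission>> FILE_0600 =
            PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rw-------"));

    /** Hypothetical stand-in for a createUniqDir-style helper (POSIX file systems only). */
    static Path createPrivateUniqDir() throws IOException {
        // Random suffix plus exclusive creation: fails rather than reusing an existing path.
        return Files.createTempDirectory("uniq-", DIR_0700);
    }

    /** Creates the metadata file with mode 0600 and writes the given content to it. */
    static Path writeMetadata(Path dir, String fileName, String content) throws IOException {
        Path meta = Files.createFile(dir.resolve(fileName), FILE_0600);
        Files.write(meta, content.getBytes(StandardCharsets.UTF_8));
        return meta;
    }

    public static void main(String[] args) throws IOException {
        Path dir = createPrivateUniqDir();
        Path meta = null;
        try {
            // Constructed sample values, not real template data.
            meta = writeMetadata(dir, "meta.properties",
                    "uniquename=example-uuid\nfilename=example.qcow2\nsize=1024\nvirtualsize=2048\n");
            System.out.println(dir + " " + PosixFilePermissions.toString(Files.getPosixFilePermissions(dir)));
            System.out.println(meta + " " + PosixFilePermissions.toString(Files.getPosixFilePermissions(meta)));
        } finally {
            // Delete the file first; removing a non-empty directory fails.
            if (meta != null) Files.deleteIfExists(meta);
            Files.deleteIfExists(dir);
        }
    }
}
```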
