[
https://issues.apache.org/jira/browse/HADOOP-13079?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15266989#comment-15266989
]
Colin Patrick McCabe commented on HADOOP-13079:
-----------------------------------------------
bq. No way should -q be the default under any circumstances. That is extremely
surprising behavior that will definitely break stuff.
It's not surprising, because it matches the traditional UNIX / Linux behavior.
In Linux, {{/bin/ls}} will not print control characters by default. you must
pass the {{--show-control-characters}} option in order to see them. From the
man page:
{code}
--show-control-chars
show non graphic characters as-is (default unless program is 'ls'
and output is a terminal)
{code}
{{ls}} blasting raw control characters into an interactive terminal is a very
bad idea. It leads to some very serious security vulnerabilities because
commonly used software like {{xterm}}, {{GNU screen}}, {{tmux}} and so forth
interpret control characters. Using control characters, you can convince these
pieces of software to execute arbitrary code. See
http://marc.info/?l=bugtraq&m=104612710031920&q=p3 and
https://www.proteansec.com/linux/blast-past-executing-code-terminal-emulators-via-escape-sequences/
There are even CVEs for some of these issues.
We should make the default opt-in for printing control characters in our next
compatibility-breaking release (Hadoop 3.x).
bq. In C, isatty(STDOUT_FILENO) is used to find out whether the output is a
terminal. Since Java doesn't have isatty, I will use JNI to call C isatty()
because the closest test System.console() == null does not work in some cases.
It would really be nice if we could determine this without using JNI, because
it's often not available. Under what conditions does the {{System.console() ==
null}} check not work? The only case I was able to find in a quick Google
search was inside an eclipse console. That seems like a case where the
security issues would not be a concern, because it's a debugging environment.
Are there other cases where the non-JNI check would fail?
> Add -q to fs -ls to print non-printable characters
> --------------------------------------------------
>
> Key: HADOOP-13079
> URL: https://issues.apache.org/jira/browse/HADOOP-13079
> Project: Hadoop Common
> Issue Type: Bug
> Reporter: John Zhuge
> Assignee: John Zhuge
> Labels: supportability
>
> Add option {{-q}} to "hdfs dfs -ls" to print non-printable characters as "?".
> Non-printable characters are defined by
> [isprint(3)|http://linux.die.net/man/3/isprint] according to the current
> locale.
> Default to {{-q}} behavior on terminal; otherwise, print raw characters. See
> the difference in these 2 command lines:
> * {{hadoop fs -ls /dir}}
> * {{hadoop fs -ls /dir | od -c}}
> In C, {{isatty(STDOUT_FILENO)}} is used to find out whether the output is a
> terminal. Since Java doesn't have {{isatty}}, I will use JNI to call C
> {{isatty()}} because the closest test {{System.console() == null}} does not
> work in some cases.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
