steveloughran opened a new pull request #2977: URL: https://github.com/apache/hadoop/pull/2977
Moves the checking on restricted access to when env vars and system props are retrieved, rather than the actual parsing of the string. With tests to verify this. I've looked at this carefully to see if I'm introducing any security risks. I don't see any. Notable that if a system property or env var is set, you can't override it in the config file, because the property/var eval comes first. i.e. If I set a property user.name the system property user.name would win. That is not new in this patch. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
