[jira] Commented: (HADOOP-3259) Configuration.substituteVars() needs to handle security exceptions

Wed, 07 May 2008 11:17:27 -0700 

    [ 
https://issues.apache.org/jira/browse/HADOOP-3259?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12594986#action_12594986
 ] 

Hadoop QA commented on HADOOP-3259:
-----------------------------------

-1 overall.  Here are the results of testing the latest attachment 
  http://issues.apache.org/jira/secure/attachment/12381558/3259.patch
  against trunk revision 654128.

    +1 @author.  The patch does not contain any @author tags.

    -1 tests included.  The patch doesn't appear to include any new or modified 
tests.
                        Please justify why no tests are needed for this patch.

    +1 javadoc.  The javadoc tool did not generate any warning messages.

    +1 javac.  The applied patch does not increase the total number of javac 
compiler warnings.

    +1 findbugs.  The patch does not introduce any new Findbugs warnings.

    +1 release audit.  The applied patch does not increase the total number of 
release audit warnings.

    +1 core tests.  The patch passed core unit tests.

    +1 contrib tests.  The patch passed contrib unit tests.

Test results: 
http://hudson.zones.apache.org/hudson/job/Hadoop-Patch/2417/testReport/
Findbugs warnings: 
http://hudson.zones.apache.org/hudson/job/Hadoop-Patch/2417/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
Checkstyle results: 
http://hudson.zones.apache.org/hudson/job/Hadoop-Patch/2417/artifact/trunk/build/test/checkstyle-errors.html
Console output: 
http://hudson.zones.apache.org/hudson/job/Hadoop-Patch/2417/console

This message is automatically generated.

> Configuration.substituteVars() needs to handle security exceptions
> ------------------------------------------------------------------
>
>                 Key: HADOOP-3259
>                 URL: https://issues.apache.org/jira/browse/HADOOP-3259
>             Project: Hadoop Core
>          Issue Type: Bug
>          Components: conf
>    Affects Versions: 0.16.2
>            Reporter: Steve Loughran
>            Assignee: Edward J. Yoon
>            Priority: Trivial
>             Fix For: 0.18.0
>
>         Attachments: 3259.patch
>
>
> Inside Configuration.substituteVars(), there is a call to 
> System.getProperty(var); this contains the implicit assumption that the JVM 
> will never block access to a system property, because if that is the case 
> -such as when the Configuration is running under a restrictive security 
> manager, a SecurityException gets thrown. This will get thrown all the way up 
> the tree. 
> Better to have some plan to handle it in situ, such as a [EMAIL PROTECTED] 
> level then leave the property unexpanded. 

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to