spiritxishi opened a new issue, #12143: URL: https://github.com/apache/inlong/issues/12143
### Description Currently, the Manager API accepts a filePath property when creating or modifying a stream source of type FILE. This path is stored and passed to the Agent without any validation. Affected API: inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/openapi/OpenStreamSourceController.java inlong-agent/agent-plugins/src/main/java/org/apache/inlong/agent/plugin/sources/LogFileSource.java To fix this issue, it is necessary to add relevant validation to this API. Validate the file source path, and forbid the Agent from collecting data when the path contains .. Run the Agent with the minimum required filesystem permissions (read-only access to specific data directories only) ### InLong Component InLong Manager ### Are you willing to submit PR? - [x] Yes, I am willing to submit a PR! ### Code of Conduct - [x] I agree to follow this project's [Code of Conduct](https://www.apache.org/foundation/policies/conduct) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
