moresandeep commented on issue #68: KNOX-1814 - Moving conf/data folder checking to Java layer from bash URL: https://github.com/apache/knox/pull/68#issuecomment-471545224 Thanks for the PR @smolnar82 ! couple of things that I think would be good to have: 1. In this patch we are checking whether the folder is readable and writable, can we make sure that the permissions are not world readable (which is the case currently), this would be really great to have, something like PosixFilePermissions, this would help with KNOX-1432 `final Set<PosixFilePermission> permissions = new HashSet<>(); permissions.add(PosixFilePermission.OWNER_READ); permissions.add(PosixFilePermission.OWNER_WRITE); // not sure if we need this //permissions.add(PosixFilePermission.OWNER_EXECUTE); Files.setPosixFilePermissions(file.toPath(), permissions);` 2. Also, would be nice to have just one function check for read and write, perhaps use a boolean flag to check if you strictly want to check for one over the other.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
