risdenk commented on a change in pull request #217: KNOX-2147 - Mask
username/password in case we display call history and keep them safely (by
setting proper file permissions) in JSON file
URL: https://github.com/apache/knox/pull/217#discussion_r357762996
##########
File path:
gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTableJSONSerializer.java
##########
@@ -41,6 +52,7 @@
// SimpleDateFormat is not thread safe must use as a ThreadLocal
static final ThreadLocal<DateFormat> JSON_DATE_FORMAT =
ThreadLocal.withInitial(() ->
new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSSZ",
Locale.getDefault()));
+ private static final Set<PosixFilePermission> ONLY_OWNER_FILE_PERMISSIONS =
PosixFilePermissions.fromString("rw-------");
Review comment:
This will only work on UNIX. This will break on Windows. Better to use owner
canRead/canWrite/etc there are ways to set this on a Path/File without using
`PosixFilePermissions`
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
