[
https://issues.apache.org/jira/browse/LUCENE-5650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14017051#comment-14017051
]
Dawid Weiss commented on LUCENE-5650:
-------------------------------------
This looks like a screwup in Hadoop because it attempts to create all parent
folders, including those it has no access to (and which MUST already exist at
that time):
{code}
Caused by: java.security.AccessControlException: access denied
("java.io.FilePermission"
"/Users/sarowe/svn/lucene/dev/trunk4/solr/build/solr-core/test/J0" "write")
[junit4] 2> at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:372)
[junit4] 2> at
java.security.AccessController.checkPermission(AccessController.java:559)
[junit4] 2> at
java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
[junit4] 2> at
java.lang.SecurityManager.checkWrite(SecurityManager.java:979)
[junit4] 2> at java.io.File.mkdir(File.java:1305)
[junit4] 2> at
org.apache.hadoop.fs.RawLocalFileSystem.mkdirs(RawLocalFileSystem.java:427)
...
{code}
Here is what this routine looks like:
{code}
/**
* Creates the specified directory hierarchy. Does not
* treat existence as an error.
*/
@Override
public boolean mkdirs(Path f) throws IOException {
if(f == null) {
throw new IllegalArgumentException("mkdirs path arg is null");
}
Path parent = f.getParent();
File p2f = pathToFile(f);
if(parent != null) {
File parent2f = pathToFile(parent);
if(parent2f != null && parent2f.exists() && !parent2f.isDirectory()) {
throw new FileAlreadyExistsException("Parent path is not a directory: "
+ parent);
}
}
return (parent == null || mkdirs(parent)) &&
(p2f.mkdir() || p2f.isDirectory());
}
{code}
I think this is an error in Hadoop -- they always mkdirs() on parent folders,
even if they exist.
> Enforce read-only access to any path outside the temporary folder via
> security manager
> --------------------------------------------------------------------------------------
>
> Key: LUCENE-5650
> URL: https://issues.apache.org/jira/browse/LUCENE-5650
> Project: Lucene - Core
> Issue Type: Improvement
> Components: general/test
> Reporter: Ryan Ernst
> Assignee: Dawid Weiss
> Priority: Minor
> Fix For: 4.9, 5.0
>
> Attachments: LUCENE-5650.patch, LUCENE-5650.patch, LUCENE-5650.patch,
> LUCENE-5650.patch, dih.patch
>
>
> The recent refactoring to all the create temp file/dir functions (which is
> great!) has a minor regression from what existed before. With the old
> {{LuceneTestCase.TEMP_DIR}}, the directory was created if it did not exist.
> So, if you set {{java.io.tmpdir}} to {{"./temp"}}, then it would create that
> dir within the per jvm working dir. However, {{getBaseTempDirForClass()}}
> now does asserts that check the dir exists, is a dir, and is writeable.
> Lucene uses {{"."}} as {{java.io.tmpdir}}. Then in the test security
> manager, the per jvm cwd has read/write/execute permissions. However, this
> allows tests to write to their cwd, which I'm trying to protect against (by
> setting cwd to read/execute in my test security manager).
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
