[ 
https://issues.apache.org/jira/browse/VFS-651?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Syed Aqeel Ashiq updated VFS-651:
---------------------------------
    Description: 
Consider a user X only has read/write access to let's say /sftp and /sftp/abc 
directory on a sftp server. And default directory for user is /sftp
In this case, we have to set userDirIsRoot to false, and thus vfs will try to 
switch to root directory, which will fail due to lack of read permission.

This is the underlying code responsible in
org.apache.commons.vfs.provider.sftp.SftpFileSystem:
{code:java}
Boolean userDirIsRoot = 
SftpFileSystemConfigBuilder.getInstance().getUserDirIsRoot(getFileSystemOptions());
String workingDirectory = getRootName().getPath();
if (workingDirectory != null && (userDirIsRoot == null || 
!userDirIsRoot.booleanValue())) {
    try {
        channel.cd(workingDirectory); 
    } catch (SftpException e) {
        throw new 
FileSystemException("vfs.provider.sftp/change-work-directory.error", 
workingDirectory);
    }
}{code}

It purposelessly switches to root directory of filesystem. There is a fare 
use-case that root directory doesn't have read access.

*Possible Fix:* It should not switch to root directory, rather it should switch 
to actual final directory, that would be safest. E.g. if the needed directory 
is '/sftp/abc' then it can switch to that directory in above code, rather than 
switching to root.

Please also see related SO question:
https://stackoverflow.com/questions/48709971/why-apache-vfs-sftp-tries-to-switch-to-root-directory-even-when-not-needed

  was:
Consider a user X only has read/write access to let's say /sftp and /sftp/abc 
directory on a sftp server. And default directory for user is /sftp
In this case, we have to set userDirIsRoot to false, and thus vfs will try to 
switch to root directory, which will fail due to lack of read permission.

This is the underlying code responsible: 
{code:java}
Boolean userDirIsRoot = 
SftpFileSystemConfigBuilder.getInstance().getUserDirIsRoot(getFileSystemOptions());
String workingDirectory = getRootName().getPath();
if (workingDirectory != null && (userDirIsRoot == null || 
!userDirIsRoot.booleanValue())) {
    try {
        channel.cd(workingDirectory); 
    } catch (SftpException e) {
        throw new 
FileSystemException("vfs.provider.sftp/change-work-directory.error", 
workingDirectory);
    }
}{code}

It purposelessly switches to root directory of filesystem. There is a fare 
use-case that root directory doesn't have read access.

*Possible Fix:* It should not switch to root directory, rather it should switch 
to actual final directory, that would be safest. E.g. if the needed directory 
is '/sftp/abc' then it can switch to that directory in above code, rather than 
switching to root.

Please also see related SO question:
https://stackoverflow.com/questions/48709971/why-apache-vfs-sftp-tries-to-switch-to-root-directory-even-when-not-needed


> SftpFileSystem Should not switch to root directory when not absolutely needed
> -----------------------------------------------------------------------------
>
>                 Key: VFS-651
>                 URL: https://issues.apache.org/jira/browse/VFS-651
>             Project: Commons VFS
>          Issue Type: Bug
>    Affects Versions: 2.0
>            Reporter: Syed Aqeel Ashiq
>            Priority: Major
>             Fix For: 2.3
>
>
> Consider a user X only has read/write access to let's say /sftp and /sftp/abc 
> directory on a sftp server. And default directory for user is /sftp
> In this case, we have to set userDirIsRoot to false, and thus vfs will try to 
> switch to root directory, which will fail due to lack of read permission.
> This is the underlying code responsible in
> org.apache.commons.vfs.provider.sftp.SftpFileSystem:
> {code:java}
> Boolean userDirIsRoot = 
> SftpFileSystemConfigBuilder.getInstance().getUserDirIsRoot(getFileSystemOptions());
> String workingDirectory = getRootName().getPath();
> if (workingDirectory != null && (userDirIsRoot == null || 
> !userDirIsRoot.booleanValue())) {
>     try {
>         channel.cd(workingDirectory); 
>     } catch (SftpException e) {
>         throw new 
> FileSystemException("vfs.provider.sftp/change-work-directory.error", 
> workingDirectory);
>     }
> }{code}
> It purposelessly switches to root directory of filesystem. There is a fare 
> use-case that root directory doesn't have read access.
> *Possible Fix:* It should not switch to root directory, rather it should 
> switch to actual final directory, that would be safest. E.g. if the needed 
> directory is '/sftp/abc' then it can switch to that directory in above code, 
> rather than switching to root.
> Please also see related SO question:
> https://stackoverflow.com/questions/48709971/why-apache-vfs-sftp-tries-to-switch-to-root-directory-even-when-not-needed



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to