[
https://issues.apache.org/jira/browse/DRILL-5964?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16267671#comment-16267671
]
ASF GitHub Bot commented on DRILL-5964:
---------------------------------------
Github user arina-ielchiieva commented on a diff in the pull request:
https://github.com/apache/drill/pull/1050#discussion_r153337275
--- Diff:
exec/java-exec/src/main/java/org/apache/drill/exec/store/dfs/WorkspaceConfig.java
---
@@ -30,18 +30,25 @@
public class WorkspaceConfig {
/** Default workspace is a root directory which supports read, but not
write. */
- public static final WorkspaceConfig DEFAULT = new WorkspaceConfig("/",
false, null);
+ public static final WorkspaceConfig DEFAULT = new WorkspaceConfig("/",
false, null, false);
private final String location;
private final boolean writable;
private final String defaultInputFormat;
-
+ private final Boolean allowAccessOutsideWorkspace; // allow access
outside the workspace by default. This
+ // field is a Boolean
(not boolean) so that we can
+ // assign a default
value if it is not defined in a
+ // storage plugin
config
public WorkspaceConfig(@JsonProperty("location") String location,
@JsonProperty("writable") boolean writable,
- @JsonProperty("defaultInputFormat") String
defaultInputFormat) {
+ @JsonProperty("defaultInputFormat") String
defaultInputFormat,
+ @JsonProperty("allowAccessOutsideWorkspace")
Boolean allowAccessOutsideWorkspace
+ ) {
this.location = location;
this.writable = writable;
this.defaultInputFormat = defaultInputFormat;
+ //this.allowAccessOutsideWorkspace = allowAccessOutsideWorkspace !=
null ? allowAccessOutsideWorkspace : false ;
+ this.allowAccessOutsideWorkspace = true;
--- End diff --
It seems we should not always set true...
> Do not allow queries to access paths outside the current workspace root
> -----------------------------------------------------------------------
>
> Key: DRILL-5964
> URL: https://issues.apache.org/jira/browse/DRILL-5964
> Project: Apache Drill
> Issue Type: Improvement
> Affects Versions: 1.11.0
> Reporter: Parth Chandra
> Assignee: Parth Chandra
> Labels: doc-impacting
>
> Workspace definitions in the dfs plugin are intended to provide a convenient
> shortcut to long directory paths. However, some users may wish to disallow
> access to paths outside the root of the workspace, possibly to prevent
> accidental access. Note that this is a convenience option and not a
> substitute for permissions on the file system.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)