[
https://issues.apache.org/jira/browse/ACCUMULO-3338?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14213986#comment-14213986
]
Josh Elser commented on ACCUMULO-3338:
--------------------------------------
bq. That's not quite true. The risk of extra paths in the classpath is that the
extra path might be writable by other users, depending on the platform and
circumstance, and could conceivably contain undesirable classes at some future
point, regardless of whether they currently contain any. In other words, the
risk is not "known bad jars present", it's "not known to be free of bad jars".
(by "bad jars", I mean anything incompatible, malicious, or unintentional)
That's true. I was assuming that children of /usr (aside from /usr/local) will
not be writable by anyone but a super-user.
bq. I did not! Thanks for the fix.
Sure, I haven't been able to come up with an easy way to validate it, but that
would be something good to think about to future proof this.
> Update example classpath configuration
> --------------------------------------
>
> Key: ACCUMULO-3338
> URL: https://issues.apache.org/jira/browse/ACCUMULO-3338
> Project: Accumulo
> Issue Type: Improvement
> Components: docs
> Reporter: Josh Elser
> Assignee: Josh Elser
> Priority: Trivial
> Fix For: 1.6.2, 1.7.0
>
> Time Spent: 1h
> Remaining Estimate: 0h
>
> Make sure the example configuration general.classpaths contain some extra
> paths for HDFS jars which make them more likely to generally work.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
