Todd Lipcon has posted comments on this change. ( http://gerrit.cloudera.org:8080/12351 )
Change subject: KUDU-2411: Set SASL_PATH if needed when starting MiniCluster ...................................................................... Patch Set 1: (1 comment) http://gerrit.cloudera.org:8080/#/c/12351/1/java/kudu-test-utils/src/main/java/org/apache/kudu/test/cluster/MiniKuduCluster.java File java/kudu-test-utils/src/main/java/org/apache/kudu/test/cluster/MiniKuduCluster.java: http://gerrit.cloudera.org:8080/#/c/12351/1/java/kudu-test-utils/src/main/java/org/apache/kudu/test/cluster/MiniKuduCluster.java@191 PS1, Line 191: Path saslDir = Paths.get(new File(kuduBinaryPath).getParentFile().getParent(), "lib", "sasl2"); is there any safer way to detect that we're using a MiniKuduCluster from the new binary jar thing? I'm afraid that randomly traversing up the file system and then executing code is a bit of a security bad practice -- what if my kudu path is in /tmp/todd/ and someone else wants to attack me on a shared system? Now I'm executing code from an uncontrolled location. -- To view, visit http://gerrit.cloudera.org:8080/12351 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: Iaaeb30781f4483910c35a20c6d7c76f7f85aa4ce Gerrit-Change-Number: 12351 Gerrit-PatchSet: 1 Gerrit-Owner: Mike Percy <[email protected]> Gerrit-Reviewer: Brian McDevitt <[email protected]> Gerrit-Reviewer: Grant Henke <[email protected]> Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Mike Percy <[email protected]> Gerrit-Reviewer: Todd Lipcon <[email protected]> Gerrit-Comment-Date: Mon, 04 Feb 2019 19:11:55 +0000 Gerrit-HasComments: Yes
