commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Syed Aqeel Ashiq (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (VFS-651) SftpFileSystem Should not switch to root directory when not absolutely needed
Date Tue, 13 Feb 2018 17:35:00 GMT

     [ https://issues.apache.org/jira/browse/VFS-651?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Syed Aqeel Ashiq updated VFS-651:
---------------------------------
    Description: 
Consider a user X only has read/write access to let's say /sftp and /sftp/abc directory on
a sftp server. And default directory for user is /sftp
In this case, we have to set userDirIsRoot to false, and thus vfs will try to switch to root
directory, which will fail due to lack of read permission.

This is the underlying code responsible in

{code:java}
org.apache.commons.vfs.provider.sftp.SftpFileSystem
{code}
:
{code:java}
Boolean userDirIsRoot = SftpFileSystemConfigBuilder.getInstance().getUserDirIsRoot(getFileSystemOptions());
String workingDirectory = getRootName().getPath();
if (workingDirectory != null && (userDirIsRoot == null || !userDirIsRoot.booleanValue()))
{
    try {
        channel.cd(workingDirectory); 
    } catch (SftpException e) {
        throw new FileSystemException("vfs.provider.sftp/change-work-directory.error", workingDirectory);
    }
}{code}

It purposelessly switches to root directory of filesystem. There is a fair use-case that root
directory doesn't have read access.

*Possible Fix:* It should not switch to root directory, rather it should switch to actual
final directory. This approach would be the safest. E.g. if the needed directory is '/sftp/abc'
then it can switch to that directory in above code, rather than switching to root.

Please also see related SO question:
https://stackoverflow.com/questions/48709971/why-apache-vfs-sftp-tries-to-switch-to-root-directory-even-when-not-needed

  was:
Consider a user X only has read/write access to let's say /sftp and /sftp/abc directory on
a sftp server. And default directory for user is /sftp
In this case, we have to set userDirIsRoot to false, and thus vfs will try to switch to root
directory, which will fail due to lack of read permission.

This is the underlying code responsible in

{code:java}
org.apache.commons.vfs.provider.sftp.SftpFileSystem
{code}
:
{code:java}
Boolean userDirIsRoot = SftpFileSystemConfigBuilder.getInstance().getUserDirIsRoot(getFileSystemOptions());
String workingDirectory = getRootName().getPath();
if (workingDirectory != null && (userDirIsRoot == null || !userDirIsRoot.booleanValue()))
{
    try {
        channel.cd(workingDirectory); 
    } catch (SftpException e) {
        throw new FileSystemException("vfs.provider.sftp/change-work-directory.error", workingDirectory);
    }
}{code}

It purposelessly switches to root directory of filesystem. There is a fair use-case that root
directory doesn't have read access.

*Possible Fix:* It should not switch to root directory, rather it should switch to actual
final directory, that would be safest. E.g. if the needed directory is '/sftp/abc' then it
can switch to that directory in above code, rather than switching to root.

Please also see related SO question:
https://stackoverflow.com/questions/48709971/why-apache-vfs-sftp-tries-to-switch-to-root-directory-even-when-not-needed


> SftpFileSystem Should not switch to root directory when not absolutely needed
> -----------------------------------------------------------------------------
>
>                 Key: VFS-651
>                 URL: https://issues.apache.org/jira/browse/VFS-651
>             Project: Commons VFS
>          Issue Type: Bug
>    Affects Versions: 2.0
>            Reporter: Syed Aqeel Ashiq
>            Priority: Major
>             Fix For: 2.3
>
>
> Consider a user X only has read/write access to let's say /sftp and /sftp/abc directory
on a sftp server. And default directory for user is /sftp
> In this case, we have to set userDirIsRoot to false, and thus vfs will try to switch
to root directory, which will fail due to lack of read permission.
> This is the underlying code responsible in
> {code:java}
> org.apache.commons.vfs.provider.sftp.SftpFileSystem
> {code}
> :
> {code:java}
> Boolean userDirIsRoot = SftpFileSystemConfigBuilder.getInstance().getUserDirIsRoot(getFileSystemOptions());
> String workingDirectory = getRootName().getPath();
> if (workingDirectory != null && (userDirIsRoot == null || !userDirIsRoot.booleanValue()))
{
>     try {
>         channel.cd(workingDirectory); 
>     } catch (SftpException e) {
>         throw new FileSystemException("vfs.provider.sftp/change-work-directory.error",
workingDirectory);
>     }
> }{code}
> It purposelessly switches to root directory of filesystem. There is a fair use-case that
root directory doesn't have read access.
> *Possible Fix:* It should not switch to root directory, rather it should switch to actual
final directory. This approach would be the safest. E.g. if the needed directory is '/sftp/abc'
then it can switch to that directory in above code, rather than switching to root.
> Please also see related SO question:
> https://stackoverflow.com/questions/48709971/why-apache-vfs-sftp-tries-to-switch-to-root-directory-even-when-not-needed



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message