db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From d..@apache.org
Subject svn commit: r1179042 - /db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/engine/RestrictiveFilePermissionsTest.java
Date Wed, 05 Oct 2011 02:30:18 GMT
Author: dag
Date: Wed Oct  5 02:30:18 2011
New Revision: 1179042

URL: http://svn.apache.org/viewvc?rev=1179042&view=rev
Log:
DERBY-5363 Tighten permissions of DB files to owner with >= JDK7

Patch derby-5363-followup-linux.

RestrictiveFilePermissionsTest for this feature broke on some
platforms (thanks to Kathey for noticing). Apparently, the ACL view of
Posix file system permissions is not available for all Unix/Linux
versions in JDK 1.7 (I had tested on Solaris 11 and Windows). The
changes in the test now fall back on using
PosixFileAttributeView#readAttributes if the ACL view is not
available.


Modified:
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/engine/RestrictiveFilePermissionsTest.java

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/engine/RestrictiveFilePermissionsTest.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/engine/RestrictiveFilePermissionsTest.java?rev=1179042&r1=1179041&r2=1179042&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/engine/RestrictiveFilePermissionsTest.java
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/engine/RestrictiveFilePermissionsTest.java
Wed Oct  5 02:30:18 2011
@@ -24,6 +24,7 @@ import java.io.File;
 import java.lang.reflect.Array;
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
+import java.lang.reflect.Field;
 import java.net.URL;
 import java.security.AccessController;
 import java.security.PrivilegedExceptionAction;
@@ -36,8 +37,8 @@ import java.util.Iterator;
 import java.util.List;
 import java.util.Properties;
 import java.util.Set;
+import java.util.HashSet;
 import javax.sql.DataSource;
-import junit.framework.Assert;
 import junit.framework.Test;
 import junit.framework.TestSuite;
 import org.apache.derby.drda.NetworkServerControl;
@@ -91,7 +92,6 @@ public class RestrictiveFilePermissionsT
 
         supportsLaxTesting =
             checkAccessToOwner(
-                null,
                 f,
                 false,
                 UNKNOWN);
@@ -110,7 +110,7 @@ public class RestrictiveFilePermissionsT
         // setting of the property derby.storage.useDefaultFilePermissions.
         // The extra setup file is for testJarFiles.
 
-        TestSuite totalSuite = new TestSuite();
+        TestSuite totalSuite = new TestSuite("RestrictiveFilePermissionsTest");
 
         Properties p = new Properties();
         p.put("derby.storage.useDefaultFilePermissions", "false");
@@ -177,16 +177,14 @@ public class RestrictiveFilePermissionsT
     public void testDerbyDotLog() throws Exception {
         File derbydotlog = new File(home, derbyDotLog);
 
-        checkAccessToOwner(
-            this, derbydotlog, POSITIVE);
+        checkAccessToOwner(derbydotlog, POSITIVE);
     }
 
 
     public void testDbDirectory() throws Exception {
         File derbyDbDir = new File(home, dbName);
 
-        checkAccessToOwner(
-            this, derbyDbDir, POSITIVE);
+        checkAccessToOwner(derbyDbDir, POSITIVE);
     }
 
 
@@ -194,7 +192,7 @@ public class RestrictiveFilePermissionsT
         File servProp = new File(home, dbName + "/" + "service.properties");
 
         checkAccessToOwner(
-            this, servProp, POSITIVE);
+            servProp, POSITIVE);
     }
 
 
@@ -206,7 +204,7 @@ public class RestrictiveFilePermissionsT
                          "on commit preserve rows not logged").executeUpdate();
 
         checkAccessToOwner(
-            this, tmp, true, POSITIVE);
+            tmp, true, POSITIVE);
     }
 
 
@@ -214,12 +212,10 @@ public class RestrictiveFilePermissionsT
         File dbLck = new File(home, dbName + "/" + "db.lck");
         File dbexLck = new File(home, dbName + "/" + "dbex.lck");
 
-        checkAccessToOwner(
-            this, dbLck, POSITIVE);
+        checkAccessToOwner(dbLck, POSITIVE);
 
         if (PrivilegedFileOpsForTests.exists(dbexLck)) {
-            checkAccessToOwner(
-                    this, dbexLck, POSITIVE);
+            checkAccessToOwner(dbexLck, POSITIVE);
         }
     }
 
@@ -228,7 +224,7 @@ public class RestrictiveFilePermissionsT
         File seg0 = new File(home, dbName + "/" + "seg0");
 
         checkAccessToOwner(
-            this, seg0, true, POSITIVE);
+            seg0, true, POSITIVE);
     }
 
 
@@ -236,7 +232,7 @@ public class RestrictiveFilePermissionsT
         File seg0 = new File(home, dbName + "/" + "log");
 
         checkAccessToOwner(
-            this, seg0, true, POSITIVE);
+            seg0, true, POSITIVE);
     }
 
 
@@ -255,8 +251,7 @@ public class RestrictiveFilePermissionsT
                         "    NULL)"); // code set
         File exp = new File(home, dbName + "/" + exportFileName);
 
-        checkAccessToOwner(
-            this, exp, POSITIVE);
+        checkAccessToOwner(exp, POSITIVE);
 
         // Make a lob table and insert one row
         s.executeUpdate("create table lobtable(i int, c clob)");
@@ -282,11 +277,9 @@ public class RestrictiveFilePermissionsT
         File expLob = new File(home, dbName + "/" + exportLobFileName);
 
         // Check resuling exported files
-        checkAccessToOwner(
-            this, exp2, POSITIVE);
+        checkAccessToOwner(exp2, POSITIVE);
 
-        checkAccessToOwner(
-            this, expLob, POSITIVE);
+        checkAccessToOwner(expLob, POSITIVE);
     }
 
 
@@ -318,7 +311,7 @@ public class RestrictiveFilePermissionsT
         File seg0 = new File(home, dbName + "/" + "seg0");
 
         checkAccessToOwner(
-            this, seg0, true, POSITIVE);
+            seg0, true, POSITIVE);
     }
 
 
@@ -345,7 +338,7 @@ public class RestrictiveFilePermissionsT
         File seg0 = new File(home, dbName + "/" + "seg0");
 
         checkAccessToOwner(
-            this, seg0, true, POSITIVE);
+            seg0, true, POSITIVE);
     }
 
 
@@ -374,7 +367,7 @@ public class RestrictiveFilePermissionsT
 
         File fbd = new File(fullBackupDir);
         checkAccessToOwner(
-            this, fbd, true, POSITIVE);
+            fbd, true, POSITIVE);
 
         // Prepare to restore
         TestConfiguration.getCurrent().shutdownDatabase();
@@ -390,7 +383,7 @@ public class RestrictiveFilePermissionsT
 
         final File db = new File(home, dbName);
         checkAccessToOwner(
-            this, db, true, POSITIVE);
+            db, true, POSITIVE);
 
         con.close();
 
@@ -403,7 +396,7 @@ public class RestrictiveFilePermissionsT
         final File newDb = new File(home, dbName2);
 
         checkAccessToOwner(
-            this, newDb, true, POSITIVE);
+            newDb, true, POSITIVE);
         con2.close();
 
         // close down both
@@ -442,7 +435,7 @@ public class RestrictiveFilePermissionsT
         File jarsDir = new File(home, dbName + "/" + "jar");
 
         checkAccessToOwner(
-            this, jarsDir, true, POSITIVE);
+            jarsDir, true, POSITIVE);
     }
 
 
@@ -461,7 +454,7 @@ public class RestrictiveFilePermissionsT
         File traceDirF = new File(traceDir);
 
         checkAccessToOwner(
-            this, traceDirF, true, POSITIVE);
+            traceDirF, true, POSITIVE);
         nsctrl.shutdown();
         assertDirectoryDeleted(traceDirF);
     }
@@ -479,7 +472,7 @@ public class RestrictiveFilePermissionsT
         File traceDirF = new File(traceDir);
 
         checkAccessToOwner(
-            this, traceDirF, true, NEGATIVE);
+            traceDirF, true, NEGATIVE);
 
         nsctrl.shutdown();
         assertDirectoryDeleted(traceDirF);
@@ -488,8 +481,7 @@ public class RestrictiveFilePermissionsT
 
     public void dotestEmbeddedIsLax() throws Exception {
         File derbydotlogF = new File(home, derbyDotLog + ".lax");
-        checkAccessToOwner(
-            this, derbydotlogF, NEGATIVE);
+        checkAccessToOwner(derbydotlogF, NEGATIVE);
     }
 
 
@@ -510,6 +502,8 @@ public class RestrictiveFilePermissionsT
     private static Class aclEntryClz;
     private static Class aclFileAttributeViewClz;
     private static Class posixFileAttributeViewClz;
+    private static Class posixFileAttributesClz;
+    private static Class posixFilePermissionClz;
     private static Class userPrincipalClz;
     private static Class linkOptionArrayClz;
     private static Class linkOptionClz;
@@ -523,8 +517,17 @@ public class RestrictiveFilePermissionsT
     private static Method getAcl;
     private static Method principal;
     private static Method getName;
-    private static Method permissions;
-
+    private static Method permissionsAcl;
+    private static Method permissionsPosix;
+    private static Method readAttributes;
+
+    private static Field GROUP_EXECUTE;
+    private static Field GROUP_READ;
+    private static Field GROUP_WRITE;
+    private static Field OTHERS_EXECUTE;
+    private static Field OTHERS_READ;
+    private static Field OTHERS_WRITE;
+    private static Set unwantedPermissions;
     /**
      * Check that the file has access only for the owner. Will throw (JUnit
      * failure) if permissions are not strict.
@@ -538,18 +541,16 @@ public class RestrictiveFilePermissionsT
      * we have no way in Java of checking the results in a portable way. So, if
      * we do not have at least Java 7, this method will be a no-op.
      *
-     * @param test the current test
      * @param file (or directory) for which we want to check permissions
      * @param expectedOutcome NEGATIVE or POSITIVE
      * @see #checkAccessToOwner(BaseJDBCTestCase, File, boolean, int)
      */
 
     public static void checkAccessToOwner(
-            BaseJDBCTestCase test,
             final File file,
             int expectedOutcome) throws Exception {
 
-        checkAccessToOwner(test, file, false, expectedOutcome);
+        checkAccessToOwner(file, false, expectedOutcome);
     }
 
 
@@ -558,7 +559,6 @@ public class RestrictiveFilePermissionsT
      * checkAccessToOwner}, but if {@code doContents} is true, also check files
      * directly contained in this file qua directory (not recursively).
      *
-     * @param test
      * @param file ((or directory) for which we want to check permissions
      * @param doContents if a directory, an error to call with true if not
      * @param expectedOutcome NEGATIVE, POSITIVE or UNKNOWN
@@ -566,7 +566,6 @@ public class RestrictiveFilePermissionsT
      *              UNKNOWN)
      */
     private static boolean checkAccessToOwner(
-            final BaseJDBCTestCase test,
             final File file,
             final boolean doContents,
             final int expectedOutcome) throws Exception {
@@ -574,14 +573,14 @@ public class RestrictiveFilePermissionsT
         // manager.
         if (doContents) {
             // visit immediately contained file in this directory also
-            checkAccessToOwner(test, file, false, expectedOutcome);
+            checkAccessToOwner(file, false, expectedOutcome);
 
             AccessController.doPrivileged(new PrivilegedExceptionAction() {
                 public Object run() throws Exception {
                     File [] files = file.listFiles();
                     for (int i = 0; i < files.length; i++){
                         checkAccessToOwner(
-                            test, files[i], false, expectedOutcome);
+                            files[i], false, expectedOutcome);
                     }
                     return null;
                 }});
@@ -591,100 +590,121 @@ public class RestrictiveFilePermissionsT
             (Boolean)AccessController.
             doPrivileged(new PrivilegedExceptionAction() {
 
-                    public Object run() throws Exception {
-                        // lazy initialization
-                        if (!initialized) {
-                            initialized = true;
-
-                            // If found, we have >= Java 7.
-                            filesClz = Class.forName(
-                                "java.nio.file.Files");
-                            pathClz = Class.forName(
-                                "java.nio.file.Path");
-                            pathsClz = Class.forName(
-                                "java.nio.file.Paths");
-                            aclEntryClz = Class.forName(
-                                "java.nio.file.attribute.AclEntry");
-                            aclFileAttributeViewClz = Class.forName(
-                                "java.nio.file.attribute." +
-                                "AclFileAttributeView");
-                            posixFileAttributeViewClz = Class.forName(
-                                "java.nio.file.attribute." +
-                                "PosixFileAttributeView");
-                            userPrincipalClz = Class.forName(
-                                "java.nio.file.attribute.UserPrincipal");
-                            linkOptionArrayClz = Class.forName(
-                                "[Ljava.nio.file.LinkOption;");
-                            linkOptionClz = Class.forName(
-                                "java.nio.file.LinkOption");
-                            stringArrayClz = Class.forName(
-                                "[Ljava.lang.String;");
-                            aclEntryBuilderClz = Class.forName(
-                                "java.nio.file.attribute.AclEntry$Builder");
-                            aclEntryTypeClz = Class.forName(
-                                "java.nio.file.attribute.AclEntryType");
-
-                            get = pathsClz.
-                                getMethod("get",
-                                          new Class[]{String.class,
-                                                      stringArrayClz});
-
-                            getFileAttributeView = filesClz.
-                                getMethod("getFileAttributeView",
-                                          new Class[]{pathClz,
-                                                      Class.class,
-                                                      linkOptionArrayClz});
-
-                            getOwner = filesClz.
-                                getMethod(
-                                    "getOwner",
-                                    new Class[]{pathClz,
-                                                linkOptionArrayClz});
-                            getAcl = aclFileAttributeViewClz.
-                                getMethod("getAcl", new Class[]{});
-                            principal = aclEntryClz.
-                                getMethod("principal", new Class[]{});
-                            getName = userPrincipalClz.
-                                getMethod("getName", new Class[]{});
-                            permissions = aclEntryClz.
-                                getMethod("permissions", new Class[]{});
-                        }
-
-                        // Only used with expectedOutcome == UNKNOWN, otherwise
-                        // we throw:
-                        boolean someThingBeyondOwnerFound = false;
-
-                        // We have Java 7. We need to call reflectively, since
-                        // the source level isn't yet at Java 7.
-                        try {
-                            Object fileP = get.invoke(
-                                null, new Object[]{file.getPath(),
-                                                   new String[]{}});
-
-                            Object view = getFileAttributeView.invoke(
-                                null,
-                                new Object[]{
-                                    fileP,
-                                    aclFileAttributeViewClz,
-                                    Array.newInstance(linkOptionClz, 0)});
-
-                            if (view == null) {
-                                // ACLs not supported on this platform
-                                fail();
-                            }
-
-                            // If we have a posix view, we can use ACLs to
-                            // interface the usual Unix permission masks via
-                            // the special principals OWNER@, GROUP@ and
-                            // EVERYONE@
+                public Object run() throws Exception {
+                    // lazy initialization
+                    if (!initialized) {
+                        initialized = true;
+
+                        // If found, we have >= Java 7.
+                        filesClz = Class.forName(
+                            "java.nio.file.Files");
+                        pathClz = Class.forName(
+                            "java.nio.file.Path");
+                        pathsClz = Class.forName(
+                            "java.nio.file.Paths");
+                        aclEntryClz = Class.forName(
+                            "java.nio.file.attribute.AclEntry");
+                        aclFileAttributeViewClz = Class.forName(
+                            "java.nio.file.attribute." +
+                            "AclFileAttributeView");
+                        posixFileAttributeViewClz = Class.forName(
+                            "java.nio.file.attribute." +
+                            "PosixFileAttributeView");
+                        posixFileAttributesClz = Class.forName(
+                            "java.nio.file.attribute." +
+                            "PosixFileAttributes");
+                        posixFilePermissionClz = Class.forName(
+                            "java.nio.file.attribute." +
+                            "PosixFilePermission");
+                        userPrincipalClz = Class.forName(
+                            "java.nio.file.attribute.UserPrincipal");
+                        linkOptionArrayClz = Class.forName(
+                            "[Ljava.nio.file.LinkOption;");
+                        linkOptionClz = Class.forName(
+                            "java.nio.file.LinkOption");
+                        stringArrayClz = Class.forName(
+                            "[Ljava.lang.String;");
+                        aclEntryBuilderClz = Class.forName(
+                            "java.nio.file.attribute.AclEntry$Builder");
+                        aclEntryTypeClz = Class.forName(
+                            "java.nio.file.attribute.AclEntryType");
+
+                        get = pathsClz.
+                            getMethod("get",
+                                      new Class[]{String.class,
+                                                  stringArrayClz});
+
+                        getFileAttributeView = filesClz.
+                            getMethod("getFileAttributeView",
+                                      new Class[]{pathClz,
+                                                  Class.class,
+                                                  linkOptionArrayClz});
+
+                        getOwner = filesClz.
+                            getMethod(
+                                "getOwner",
+                                new Class[]{pathClz,
+                                            linkOptionArrayClz});
+                        getAcl = aclFileAttributeViewClz.
+                            getMethod("getAcl", new Class[]{});
+                        principal = aclEntryClz.
+                            getMethod("principal", new Class[]{});
+                        getName = userPrincipalClz.
+                            getMethod("getName", new Class[]{});
+                        permissionsAcl = aclEntryClz.
+                            getMethod("permissions", new Class[]{});
+                        permissionsPosix = posixFileAttributesClz.
+                            getMethod("permissions", new Class[]{});
+                        readAttributes = posixFileAttributeViewClz.
+                            getMethod("readAttributes", new Class[]{});
+
+                        GROUP_EXECUTE =
+                            posixFilePermissionClz.getField("GROUP_EXECUTE");
+                        GROUP_READ =
+                            posixFilePermissionClz.getField("GROUP_READ");
+                        GROUP_WRITE =
+                            posixFilePermissionClz.getField("GROUP_WRITE");
+                        OTHERS_EXECUTE =
+                            posixFilePermissionClz.getField("OTHERS_EXECUTE");
+                        OTHERS_READ =
+                            posixFilePermissionClz.getField("OTHERS_READ");
+                        OTHERS_WRITE =
+                            posixFilePermissionClz.getField("OTHERS_WRITE");
+                        unwantedPermissions = new HashSet();
+                        unwantedPermissions.add(GROUP_EXECUTE.get(null));
+                        unwantedPermissions.add(GROUP_READ.get(null));
+                        unwantedPermissions.add(GROUP_WRITE.get(null));
+                        unwantedPermissions.add(OTHERS_EXECUTE.get(null));
+                        unwantedPermissions.add(OTHERS_READ.get(null));
+                        unwantedPermissions.add(OTHERS_WRITE.get(null));
+                    }
 
-                            Object posixView = getFileAttributeView.invoke(
-                                null,
-                                new Object[]{
-                                    fileP,
-                                    posixFileAttributeViewClz,
-                                    Array.newInstance(linkOptionClz, 0)});
+                    // Only used with expectedOutcome == UNKNOWN, otherwise
+                    // we throw:
+                    boolean someThingBeyondOwnerFound = false;
+
+                    // We have Java 7. We need to call reflectively, since
+                    // the source level isn't yet at Java 7.
+                    try {
+                        Object fileP = get.invoke(
+                            null, new Object[]{file.getPath(),
+                                               new String[]{}});
+
+                        Object aclView = getFileAttributeView.invoke(
+                            null,
+                            new Object[]{
+                                fileP,
+                                aclFileAttributeViewClz,
+                                Array.newInstance(linkOptionClz, 0)});
+
+                        Object posixView = getFileAttributeView.invoke(
+                            null,
+                            new Object[]{
+                                fileP,
+                                posixFileAttributeViewClz,
+                                Array.newInstance(linkOptionClz, 0)});
 
+                        if (aclView != null) { // Windows, Solaris 11
                             Object owner = getOwner.invoke(
                                 null,
                                 new Object[]{
@@ -692,7 +712,7 @@ public class RestrictiveFilePermissionsT
                                     Array.newInstance(linkOptionClz, 0)});
 
                             List oldAcl =
-                                (List)getAcl.invoke(view, (Object[])null);
+                                (List)getAcl.invoke(aclView, (Object[])null);
 
                             for (Iterator i = oldAcl.iterator(); i.hasNext();) {
                                 Object ace = i.next();
@@ -710,7 +730,7 @@ public class RestrictiveFilePermissionsT
                                         princName.equals("GROUP@") ||
                                         princName.equals("EVERYONE@")) {
 
-                                        Set s = (Set)permissions.invoke(
+                                        Set s = (Set)permissionsAcl.invoke(
                                             ace,
                                             (Object[])null);
 
@@ -741,38 +761,58 @@ public class RestrictiveFilePermissionsT
 
                                 }
                             }
-
-                            if (expectedOutcome == NEGATIVE &&
-                                    !someThingBeyondOwnerFound) {
-                                fail(
-                                    "unexpected restrictive access: " + file);
-                            }
-
-                        } catch (IllegalAccessException e) {
-                            // coding error
-                            if (SanityManager.DEBUG) {
-                                SanityManager.THROWASSERT(e);
-                            }
-                        } catch (IllegalArgumentException e) {
-                            // coding error
-                            if (SanityManager.DEBUG) {
-                                SanityManager.THROWASSERT(e);
+                        } else if (posixView != null) {
+                            Object posixFileAttributes =
+                                readAttributes.invoke(posixView,
+                                                      new Object[]{});
+                            Set permissionsSet =
+                                (Set)permissionsPosix.invoke(
+                                    posixFileAttributes, new Object[]{});
+
+                            for (Iterator i = permissionsSet.iterator();
+                                 i.hasNext();) {
+                                Object perm = i.next();
+
+                                if (unwantedPermissions.contains(perm)) {
+                                    someThingBeyondOwnerFound = true;
+                                    break;
+                                }
                             }
-                        } catch (InvocationTargetException e) {
-                            throw e;
+                        } else {
+                            fail();
                         }
 
-                        if (test != null) {
-                            test.println("checked perms on: " + file);
+                        if (expectedOutcome == NEGATIVE &&
+                                !someThingBeyondOwnerFound) {
+                            fail(
+                                "unexpected restrictive access: " + file);
                         }
 
-                        if (expectedOutcome == UNKNOWN &&
-                                someThingBeyondOwnerFound) {
-                            return Boolean.TRUE;
-                        } else {
-                            return Boolean.FALSE;
+                    } catch (IllegalAccessException e) {
+                        // coding error
+                        if (SanityManager.DEBUG) {
+                            SanityManager.THROWASSERT(e);
+                        }
+                    } catch (IllegalArgumentException e) {
+                        // coding error
+                        if (SanityManager.DEBUG) {
+                            SanityManager.THROWASSERT(e);
                         }
-                    }});
+                    } catch (InvocationTargetException e) {
+                        throw e;
+                    }
+
+                    if (expectedOutcome != UNKNOWN) {
+                        println("checked perms on: " + file);
+                    }
+
+                    if (expectedOutcome == UNKNOWN &&
+                            someThingBeyondOwnerFound) {
+                        return Boolean.TRUE;
+                    } else {
+                        return Boolean.FALSE;
+                    }
+                }});
 
         return result.booleanValue();
     }



Mime
View raw message