drill-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DRILL-5964) Do not allow queries to access paths outside the current workspace root
Date Mon, 27 Nov 2017 20:52:01 GMT

    [ https://issues.apache.org/jira/browse/DRILL-5964?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16267506#comment-16267506
] 

ASF GitHub Bot commented on DRILL-5964:
---------------------------------------

Github user parthchandra commented on a diff in the pull request:

    https://github.com/apache/drill/pull/1050#discussion_r152862693
  
    --- Diff: exec/java-exec/src/main/java/org/apache/drill/exec/store/dfs/FileSelection.java
---
    @@ -359,15 +363,30 @@ private static Path handleWildCard(final String root) {
         }
       }
     
    -  private static String removeLeadingSlash(String path) {
    -    if (path.charAt(0) == '/') {
    +  public static String removeLeadingSlash(String path) {
    +    if (!path.isEmpty() && path.charAt(0) == '/') {
           String newPath = path.substring(1);
           return removeLeadingSlash(newPath);
         } else {
           return path;
         }
       }
     
    +  // Check if the path is a valid sub path under the parent after removing backpaths.
Throw an exception if
    +  // it is not
    +  // We pass subpath in as a parameter only for the error message
    +  public static boolean checkBackPaths(String parent, String combinedPath, String subpath)
{
    --- End diff --
    
    Done


> Do not allow queries to access paths outside the current workspace root
> -----------------------------------------------------------------------
>
>                 Key: DRILL-5964
>                 URL: https://issues.apache.org/jira/browse/DRILL-5964
>             Project: Apache Drill
>          Issue Type: Improvement
>    Affects Versions: 1.11.0
>            Reporter: Parth Chandra
>            Assignee: Parth Chandra
>              Labels: doc-impacting
>
> Workspace definitions in the dfs plugin are intended to provide a convenient shortcut
to long directory paths. However, some users may wish to disallow access to paths outside
the root of the workspace, possibly to prevent accidental access. Note that this is a convenience
option and not a substitute for permissions on the file system.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message