Mailing-List: contact common-commits-help@hadoop.apache.org; run by ezmlm
Precedence: bulk
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: yjzhangal@apache.org
To: common-commits@hadoop.apache.org
Message-Id: <6c86c97f9e884798a89994a565ee5ce5@git.apache.org>
Subject: hadoop git commit: HDFS-10276. HDFS should not expose path info that
 user has no permission to see. (Yuanbo Liu via Yongjun Zhang)
Date: Fri, 27 May 2016 17:13:30 +0000 (UTC)
archived-at: Fri, 27 May 2016 17:13:43 -0000

Repository: hadoop
Updated Branches:
  refs/heads/trunk e4022debf -> 5ea6fd85c


HDFS-10276. HDFS should not expose path info that user has no permission to see. (Yuanbo Liu via Yongjun Zhang)


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/5ea6fd85
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/5ea6fd85
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/5ea6fd85

Branch: refs/heads/trunk
Commit: 5ea6fd85c7aff6df28b87789f607bb57ee920639
Parents: e4022de
Author: Yongjun Zhang <yzhang@cloudera.com>
Authored: Fri May 27 10:02:02 2016 -0700
Committer: Yongjun Zhang <yzhang@cloudera.com>
Committed: Fri May 27 10:02:02 2016 -0700

----------------------------------------------------------------------
 .../server/namenode/FSPermissionChecker.java    | 24 +++++++++++---------
 .../apache/hadoop/hdfs/TestDFSPermission.java   | 13 +++++++++++
 2 files changed, 26 insertions(+), 11 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hadoop/blob/5ea6fd85/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSPermissionChecker.java
----------------------------------------------------------------------
diff --git a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSPermissionChecker.java b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSPermissionChecker.java
index 9edcda1..084eeec 100644
--- a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSPermissionChecker.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSPermissionChecker.java
@@ -196,9 +196,9 @@ class FSPermissionChecker implements AccessControlEnforcer {
    * Check whether exception e is due to an ancestor inode's not being
    * directory.
    */
-  private void checkAncestorType(INode[] inodes, int ancestorIndex,
+  private void checkAncestorType(INode[] inodes, int checkedAncestorIndex,
       AccessControlException e) throws AccessControlException {
-    for (int i = 0; i <= ancestorIndex; i++) {
+    for (int i = 0; i <= checkedAncestorIndex; i++) {
       if (inodes[i] == null) {
         break;
       }
@@ -221,11 +221,8 @@ class FSPermissionChecker implements AccessControlEnforcer {
       throws AccessControlException {
     for(; ancestorIndex >= 0 && inodes[ancestorIndex] == null;
         ancestorIndex--);
-    try {
-      checkTraverse(inodeAttrs, path, ancestorIndex);
-    } catch (AccessControlException e) {
-      checkAncestorType(inodes, ancestorIndex, e);
-    }
+
+    checkTraverse(inodeAttrs, inodes, path, ancestorIndex);
 
     final INodeAttributes last = inodeAttrs[inodeAttrs.length - 1];
     if (parentAccess != null && parentAccess.implies(FsAction.WRITE)
@@ -276,10 +273,15 @@ class FSPermissionChecker implements AccessControlEnforcer {
   }
 
   /** Guarded by {@link FSNamesystem#readLock()} */
-  private void checkTraverse(INodeAttributes[] inodes, String path, int last
-      ) throws AccessControlException {
-    for(int j = 0; j <= last; j++) {
-      check(inodes[j], path, FsAction.EXECUTE);
+  private void checkTraverse(INodeAttributes[] inodeAttrs, INode[] inodes,
+      String path, int last) throws AccessControlException {
+    int j = 0;
+    try {
+      for (; j <= last; j++) {
+        check(inodeAttrs[j], path, FsAction.EXECUTE);
+      }
+    } catch (AccessControlException e) {
+      checkAncestorType(inodes, j, e);
     }
   }
 

http://git-wip-us.apache.org/repos/asf/hadoop/blob/5ea6fd85/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestDFSPermission.java
----------------------------------------------------------------------
diff --git a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestDFSPermission.java b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestDFSPermission.java
index 8885ce7..66a0380 100644
--- a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestDFSPermission.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestDFSPermission.java
@@ -560,6 +560,19 @@ public class TestDFSPermission {
               + "a directory, when checked on /existing_file/non_existing_name",
           e.getMessage().contains("is not a directory"));
     }
+
+    rootFs.setPermission(p4, new FsPermission("600"));
+    try {
+      fs.exists(nfpath);
+      fail("The exists call should have failed.");
+    } catch (AccessControlException e) {
+      assertTrue("Permission denied messages must carry file path",
+          e.getMessage().contains(fpath.getName()));
+      assertFalse("Permission denied messages should not specify existing_file"
+              + " is not a directory, since the user does not have permission"
+              + " on /p4",
+          e.getMessage().contains("is not a directory"));
+    }
   }
 
   /* Check if namenode performs permission checking correctly


---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org