[jira] [Updated] (HADOOP-6898) FileSystem.copyToLocal creates files with 777 permissions

Tom White (JIRA) Tue, 12 Apr 2011 15:36:44 -0700

     [ 
https://issues.apache.org/jira/browse/HADOOP-6898?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Tom White updated HADOOP-6898:
------------------------------

      Resolution: Fixed
    Hadoop Flags: [Reviewed]
          Status: Resolved  (was: Patch Available)

I've just committed this. Thanks Aaron!

> FileSystem.copyToLocal creates files with 777 permissions
> ---------------------------------------------------------
>
>                 Key: HADOOP-6898
>                 URL: https://issues.apache.org/jira/browse/HADOOP-6898
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: fs, security
>            Reporter: Todd Lipcon
>            Assignee: Aaron T. Myers
>            Priority: Blocker
>             Fix For: 0.22.0
>
>         Attachments: hadoop-6898.0.txt
>
>
> FileSystem.copyToLocal ends up calling through to FileUtil.copy, which calls 
> create() on the target file system without passing any permission object. 
> Therefore, the file ends up getting created locally with 777 permissions, 
> which is dangerous -- even if the caller then fixes up permissions 
> afterwards, it exposes a window in which an attacker can open the file.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Updated] (HADOOP-6898) FileSystem.copyToLocal creates files with 777 permissions

Reply via email to