[jira] [Updated] (HADOOP-8139) Path does not allow metachars to be escaped

[Daryn Sharp (Updated) (JIRA)]

     [ 
https://issues.apache.org/jira/browse/HADOOP-8139?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Daryn Sharp updated HADOOP-8139:
--------------------------------

    Attachment: HADOOP-8139.patch

I haven't run the full suite of tests, but I want to get the patch up for 
comments this evening.  I did have to make a couple of lines to the glob parser 
due to directly bugs found during testing this patch.  I'll make it a separate 
jira if there are objections to including it.

Glob will try to build a regexp for each path component.  If it doesn't see an 
unescaped shell metachar, then it falls back to using the raw path component 
string.  In the case of quoted metachars, the quoting is never removed.  I 
fixed that.

Ironically, the glob quoting would only work if there was also an unquoted 
metachar.  This forced the use of a regexp where the unstripped quoting was 
valid.
                
> Path does not allow metachars to be escaped
> -------------------------------------------
>
>                 Key: HADOOP-8139
>                 URL: https://issues.apache.org/jira/browse/HADOOP-8139
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: fs
>    Affects Versions: 0.23.0, 0.24.0
>            Reporter: Daryn Sharp
>            Assignee: Daryn Sharp
>            Priority: Blocker
>         Attachments: HADOOP-8139.patch
>
>
> Path converts "\" into "/", probably for windows support?  This means it's 
> impossible for the user to escape metachars in a path name.  Glob expansion 
> can have deadly results.
> Here are the most egregious examples. A user accidentally creates a path like 
> "/user/me/*/file".  Now they want to remove it.
> {noformat}"hadoop fs -rmr -skipTrash '/user/me/\*'" becomes...
> "hadoop fs -rmr -skipTrash /user/me/*"{noformat}
> * User/Admin: Nuked their home directory or any given directory
> {noformat}"hadoop fs -rmr -skipTrash '\*'" becomes...
> "hadoop fs -rmr -skipTrash /*"{noformat}
> * User:  Deleted _everything_ they have access to on the cluster
> * Admin: *Nukes the entire cluster*
> Note: FsShell is shown for illustrative purposes, however the problem is in 
> the Path object, not FsShell.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira