[jira] [Updated] (RANGER-1450) Avoid path traversal attacks when reading XML files

Colm O hEigeartaigh (JIRA) Mon, 13 Mar 2017 03:39:22 -0700

     [ 
https://issues.apache.org/jira/browse/RANGER-1450?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Colm O hEigeartaigh updated RANGER-1450:
----------------------------------------
    Attachment: 0001-RANGER-1450-Avoid-path-traversal-attacks-when-readin.patch

> Avoid path traversal attacks when reading XML files
> ---------------------------------------------------
>
>                 Key: RANGER-1450
>                 URL: https://issues.apache.org/jira/browse/RANGER-1450
>             Project: Ranger
>          Issue Type: Improvement
>          Components: plugins
>            Reporter: Colm O hEigeartaigh
>            Assignee: Colm O hEigeartaigh
>             Fix For: 1.0.0
>
>         Attachments: 
> 0001-RANGER-1450-Avoid-path-traversal-attacks-when-readin.patch
>
>
> This task is to avoid potential path traversal attacks when parsing XML 
> configuration files. The fix is just to take the last part of the "path" that 
> is supplied.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (RANGER-1450) Avoid path traversal attacks when reading XML files

Reply via email to