Re: VirtualFileSystem able to mkdir and chdir to non rooted directory
Thanks Elijah, will do and will send an update along.
On Mon, Apr 11, 2016 at 9:50 AM, elijah baley wrote:
> Will have to investigate (this will take time). Since you say you have
> unit tests the reproduce the problem, you can debug the code and see
> exactly why it happens. I recommend you do it with the source code for 1.2
> which is the latest one. Once you find the problem, please re-open SSHD-601
> and attache the patch...
>
> > Date: Mon, 11 Apr 2016 09:20:15 -0700
> > Subject: Re: VirtualFileSystem able to mkdir and chdir to non rooted
> directory
> > From: a...@linkedin.com.INVALID
> > To: dev@mina.apache.org
> >
> > Thanks Elijah, I should have stated that I'm using version 1.1.0 on El
> > Capitan v 10.11.3:
> >
> > $ md5 sshd-core-1.1.0.jar
> > MD5 (sshd-core-1.1.0.jar) = 6e94f5cd80de88ddaaa80bb2ff3fa793
> >
> > I've written some unit tests (that's how I discovered the issue) on our
> end
> > here to check to see that an InvalidPathException is thrown using the
> code
> > above (it can be cleaned up, but is mostly the same).
> >
> > Maybe my version is out of date or there is still an issue?
> >
> > On Sat, Apr 9, 2016 at 12:45 AM, elijah baley
> wrote:
> >
> > > This has been fixed in version 1.1 and up via SSHD-605
> > >
> > > > Date: Fri, 8 Apr 2016 15:48:10 -0700
> > > > Subject: VirtualFileSystem able to mkdir and chdir to non rooted
> > > directory
> > > > From: a...@linkedin.com.INVALID
> > > > To: dev@mina.apache.org
> > > >
> > > > Hi SSHD team,
> > > >
> > > > Not sure if this is a bug or not, but when I instantiate a new
> FileSystem
> > > > using the VirtualFileSystemFactory and RootedFileSystemProvider, as a
> > > user
> > > > on the box, I am able to mkdir and get/put files in parent (i.e.
> > > > non-subpath) paths of the supposed "root" if I do something like
> > > >
> > > > sftp> pwd
> > > > Remote working directory: /
> > > >
> > > > $ put ../thisismyfile
> > > >
> > > > It seems like the resolveLocalPath which is supposed to throw an
> > > > InvalidPathException if the path is not a proper subpath of the
> rooted
> > > file
> > > > system needs to normalize the path in addition to doing it's nullity
> > > > checks. I was able to prevent this behavior by doing something like
> > > this,
> > > > but not sure if this is the best approach.
> > > >
> > > > Any guidance/explanation would be appreciated. Thanks.
> > > >
> > > > public class FixedRootedFileSystemProvider extends
> > > RootedFileSystemProvider {
> > > >
> > > > private static final Logger LOG =
> > > > LoggerFactory.getLogger(FixedRootedFileSystemProvider.class);
> > > >
> > > > public FixedRootedFileSystemProvider() { super(); }
> > > >
> > > > @Override
> > > > protected Path resolveLocalPath(RootedPath path) {
> > > > Path resolvedLocalPath = super.resolveLocalPath(path);
> > > > return validateParent(path, resolvedLocalPath);
> > > > }
> > > >
> > > > private Path validateParent(RootedPath path, Path localPath) throws
> > > > InvalidPathException {
> > > > RootedFileSystem rfs = path.getFileSystem();
> > > > Path root = rfs.getRoot();
> > > >
> > > > if
> > >
> (!localPath.toAbsolutePath().normalize().startsWith(root.toAbsolutePath().normalize()))
> > > > { //i.e. is not a REAL subpath
> > > > LOG.info("{} is not a subpath of the root FS path " +
> > > > root.toAbsolutePath().normalize(),
> > > > localPath.toAbsolutePath().normalize());
> > > > throw new InvalidPathException(localPath.toString(), "Invalid
> > > path");
> > > > }
> > > > return localPath;
> > > > }
> > > > }
> > >
> > >
>
>
RE: VirtualFileSystem able to mkdir and chdir to non rooted directory
Will have to investigate (this will take time). Since you say you have unit
tests the reproduce the problem, you can debug the code and see exactly why it
happens. I recommend you do it with the source code for 1.2 which is the latest
one. Once you find the problem, please re-open SSHD-601 and attache the patch...
> Date: Mon, 11 Apr 2016 09:20:15 -0700
> Subject: Re: VirtualFileSystem able to mkdir and chdir to non rooted directory
> From: a...@linkedin.com.INVALID
> To: dev@mina.apache.org
>
> Thanks Elijah, I should have stated that I'm using version 1.1.0 on El
> Capitan v 10.11.3:
>
> $ md5 sshd-core-1.1.0.jar
> MD5 (sshd-core-1.1.0.jar) = 6e94f5cd80de88ddaaa80bb2ff3fa793
>
> I've written some unit tests (that's how I discovered the issue) on our end
> here to check to see that an InvalidPathException is thrown using the code
> above (it can be cleaned up, but is mostly the same).
>
> Maybe my version is out of date or there is still an issue?
>
> On Sat, Apr 9, 2016 at 12:45 AM, elijah baley wrote:
>
> > This has been fixed in version 1.1 and up via SSHD-605
> >
> > > Date: Fri, 8 Apr 2016 15:48:10 -0700
> > > Subject: VirtualFileSystem able to mkdir and chdir to non rooted
> > directory
> > > From: a...@linkedin.com.INVALID
> > > To: dev@mina.apache.org
> > >
> > > Hi SSHD team,
> > >
> > > Not sure if this is a bug or not, but when I instantiate a new FileSystem
> > > using the VirtualFileSystemFactory and RootedFileSystemProvider, as a
> > user
> > > on the box, I am able to mkdir and get/put files in parent (i.e.
> > > non-subpath) paths of the supposed "root" if I do something like
> > >
> > > sftp> pwd
> > > Remote working directory: /
> > >
> > > $ put ../thisismyfile
> > >
> > > It seems like the resolveLocalPath which is supposed to throw an
> > > InvalidPathException if the path is not a proper subpath of the rooted
> > file
> > > system needs to normalize the path in addition to doing it's nullity
> > > checks. I was able to prevent this behavior by doing something like
> > this,
> > > but not sure if this is the best approach.
> > >
> > > Any guidance/explanation would be appreciated. Thanks.
> > >
> > > public class FixedRootedFileSystemProvider extends
> > RootedFileSystemProvider {
> > >
> > > private static final Logger LOG =
> > > LoggerFactory.getLogger(FixedRootedFileSystemProvider.class);
> > >
> > > public FixedRootedFileSystemProvider() { super(); }
> > >
> > > @Override
> > > protected Path resolveLocalPath(RootedPath path) {
> > > Path resolvedLocalPath = super.resolveLocalPath(path);
> > > return validateParent(path, resolvedLocalPath);
> > > }
> > >
> > > private Path validateParent(RootedPath path, Path localPath) throws
> > > InvalidPathException {
> > > RootedFileSystem rfs = path.getFileSystem();
> > > Path root = rfs.getRoot();
> > >
> > > if
> > (!localPath.toAbsolutePath().normalize().startsWith(root.toAbsolutePath().normalize()))
> > > { //i.e. is not a REAL subpath
> > > LOG.info("{} is not a subpath of the root FS path " +
> > > root.toAbsolutePath().normalize(),
> > > localPath.toAbsolutePath().normalize());
> > > throw new InvalidPathException(localPath.toString(), "Invalid
> > path");
> > > }
> > > return localPath;
> > > }
> > > }
> >
> >
Re: VirtualFileSystem able to mkdir and chdir to non rooted directory
Thanks Elijah, I should have stated that I'm using version 1.1.0 on El
Capitan v 10.11.3:
$ md5 sshd-core-1.1.0.jar
MD5 (sshd-core-1.1.0.jar) = 6e94f5cd80de88ddaaa80bb2ff3fa793
I've written some unit tests (that's how I discovered the issue) on our end
here to check to see that an InvalidPathException is thrown using the code
above (it can be cleaned up, but is mostly the same).
Maybe my version is out of date or there is still an issue?
On Sat, Apr 9, 2016 at 12:45 AM, elijah baley wrote:
> This has been fixed in version 1.1 and up via SSHD-605
>
> > Date: Fri, 8 Apr 2016 15:48:10 -0700
> > Subject: VirtualFileSystem able to mkdir and chdir to non rooted
> directory
> > From: a...@linkedin.com.INVALID
> > To: dev@mina.apache.org
> >
> > Hi SSHD team,
> >
> > Not sure if this is a bug or not, but when I instantiate a new FileSystem
> > using the VirtualFileSystemFactory and RootedFileSystemProvider, as a
> user
> > on the box, I am able to mkdir and get/put files in parent (i.e.
> > non-subpath) paths of the supposed "root" if I do something like
> >
> > sftp> pwd
> > Remote working directory: /
> >
> > $ put ../thisismyfile
> >
> > It seems like the resolveLocalPath which is supposed to throw an
> > InvalidPathException if the path is not a proper subpath of the rooted
> file
> > system needs to normalize the path in addition to doing it's nullity
> > checks. I was able to prevent this behavior by doing something like
> this,
> > but not sure if this is the best approach.
> >
> > Any guidance/explanation would be appreciated. Thanks.
> >
> > public class FixedRootedFileSystemProvider extends
> RootedFileSystemProvider {
> >
> > private static final Logger LOG =
> > LoggerFactory.getLogger(FixedRootedFileSystemProvider.class);
> >
> > public FixedRootedFileSystemProvider() { super(); }
> >
> > @Override
> > protected Path resolveLocalPath(RootedPath path) {
> > Path resolvedLocalPath = super.resolveLocalPath(path);
> > return validateParent(path, resolvedLocalPath);
> > }
> >
> > private Path validateParent(RootedPath path, Path localPath) throws
> > InvalidPathException {
> > RootedFileSystem rfs = path.getFileSystem();
> > Path root = rfs.getRoot();
> >
> > if
> (!localPath.toAbsolutePath().normalize().startsWith(root.toAbsolutePath().normalize()))
> > { //i.e. is not a REAL subpath
> > LOG.info("{} is not a subpath of the root FS path " +
> > root.toAbsolutePath().normalize(),
> > localPath.toAbsolutePath().normalize());
> > throw new InvalidPathException(localPath.toString(), "Invalid
> path");
> > }
> > return localPath;
> > }
> > }
>
>
RE: VirtualFileSystem able to mkdir and chdir to non rooted directory
This has been fixed in version 1.1 and up via SSHD-605
> Date: Fri, 8 Apr 2016 15:48:10 -0700
> Subject: VirtualFileSystem able to mkdir and chdir to non rooted directory
> From: a...@linkedin.com.INVALID
> To: dev@mina.apache.org
>
> Hi SSHD team,
>
> Not sure if this is a bug or not, but when I instantiate a new FileSystem
> using the VirtualFileSystemFactory and RootedFileSystemProvider, as a user
> on the box, I am able to mkdir and get/put files in parent (i.e.
> non-subpath) paths of the supposed "root" if I do something like
>
> sftp> pwd
> Remote working directory: /
>
> $ put ../thisismyfile
>
> It seems like the resolveLocalPath which is supposed to throw an
> InvalidPathException if the path is not a proper subpath of the rooted file
> system needs to normalize the path in addition to doing it's nullity
> checks. I was able to prevent this behavior by doing something like this,
> but not sure if this is the best approach.
>
> Any guidance/explanation would be appreciated. Thanks.
>
> public class FixedRootedFileSystemProvider extends RootedFileSystemProvider {
>
> private static final Logger LOG =
> LoggerFactory.getLogger(FixedRootedFileSystemProvider.class);
>
> public FixedRootedFileSystemProvider() { super(); }
>
> @Override
> protected Path resolveLocalPath(RootedPath path) {
> Path resolvedLocalPath = super.resolveLocalPath(path);
> return validateParent(path, resolvedLocalPath);
> }
>
> private Path validateParent(RootedPath path, Path localPath) throws
> InvalidPathException {
> RootedFileSystem rfs = path.getFileSystem();
> Path root = rfs.getRoot();
>
> if
> (!localPath.toAbsolutePath().normalize().startsWith(root.toAbsolutePath().normalize()))
> { //i.e. is not a REAL subpath
> LOG.info("{} is not a subpath of the root FS path " +
> root.toAbsolutePath().normalize(),
> localPath.toAbsolutePath().normalize());
> throw new InvalidPathException(localPath.toString(), "Invalid path");
> }
> return localPath;
> }
> }
