HADOOP-7172. SecureIO should not check owner on non-secure clusters that have no native support. Contributed by Todd Lipcon

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1095958 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Eli Collins 2011-04-22 16:19:46 +00:00
parent 99ebad8e75
commit dc16490ad3
3 changed files with 34 additions and 13 deletions

View File

@ -596,6 +596,9 @@ Release 0.22.0 - Unreleased
HADOOP-7229. Do not default to an absolute path for kinit in Kerberos HADOOP-7229. Do not default to an absolute path for kinit in Kerberos
auto-renewal thread. (Aaron T. Myers via todd) auto-renewal thread. (Aaron T. Myers via todd)
HADOOP-7172. SecureIO should not check owner on non-secure
clusters that have no native support. (todd via eli)
Release 0.21.1 - Unreleased Release 0.21.1 - Unreleased
IMPROVEMENTS IMPROVEMENTS

View File

@ -91,23 +91,32 @@ public class SecureIOUtils {
/** /**
* Open the given File for read access, verifying the expected user/group * Open the given File for read access, verifying the expected user/group
* constraints. * constraints if security is enabled.
*
* Note that this function provides no additional checks if Hadoop
* security is disabled, since doing the checks would be too expensive
* when native libraries are not available.
*
* @param f the file that we are trying to open * @param f the file that we are trying to open
* @param expectedOwner the expected user owner for the file * @param expectedOwner the expected user owner for the file
* @param expectedGroup the expected group owner for the file * @param expectedGroup the expected group owner for the file
* @throws IOException if an IO Error occurred, or the user/group does not * @throws IOException if an IO Error occurred, or security is enabled and
* match * the user/group does not match
*/ */
public static FileInputStream openForRead(File f, String expectedOwner, public static FileInputStream openForRead(File f, String expectedOwner,
String expectedGroup) throws IOException { String expectedGroup) throws IOException {
if (skipSecurity) { if (!UserGroupInformation.isSecurityEnabled()) {
// Subject to race conditions but this is the best we can do
FileStatus status =
rawFilesystem.getFileStatus(new Path(f.getAbsolutePath()));
checkStat(f, status.getOwner(), status.getGroup(),
expectedOwner, expectedGroup);
return new FileInputStream(f); return new FileInputStream(f);
} }
return forceSecureOpenForRead(f, expectedOwner, expectedGroup);
}
/**
* Same as openForRead() except that it will run even if security is off.
* This is used by unit tests.
*/
static FileInputStream forceSecureOpenForRead(File f, String expectedOwner,
String expectedGroup) throws IOException {
FileInputStream fis = new FileInputStream(f); FileInputStream fis = new FileInputStream(f);
boolean success = false; boolean success = false;

View File

@ -64,11 +64,20 @@ public class TestSecureIOUtils {
.openForRead(testFilePath, realOwner, realGroup).close(); .openForRead(testFilePath, realOwner, realGroup).close();
} }
@Test(expected=IOException.class) @Test
public void testReadIncorrectlyRestrictedWithSecurity() throws IOException { public void testReadIncorrectlyRestrictedWithSecurity() throws IOException {
// this will only run if libs are available
assumeTrue(NativeIO.isAvailable());
System.out.println("Running test with native libs...");
try {
SecureIOUtils SecureIOUtils
.openForRead(testFilePath, "invalidUser", null).close(); .forceSecureOpenForRead(testFilePath, "invalidUser", null).close();
fail("Didn't throw expection for wrong ownership!"); fail("Didn't throw expection for wrong ownership!");
} catch (IOException ioe) {
// expected
}
} }
@Test @Test