HADOOP-7172. SecureIO should not check owner on non-secure clusters that have no native support. Contributed by Todd Lipcon
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1095958 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
99ebad8e75
commit
dc16490ad3
|
@ -596,6 +596,9 @@ Release 0.22.0 - Unreleased
|
|||
HADOOP-7229. Do not default to an absolute path for kinit in Kerberos
|
||||
auto-renewal thread. (Aaron T. Myers via todd)
|
||||
|
||||
HADOOP-7172. SecureIO should not check owner on non-secure
|
||||
clusters that have no native support. (todd via eli)
|
||||
|
||||
Release 0.21.1 - Unreleased
|
||||
|
||||
IMPROVEMENTS
|
||||
|
|
|
@ -91,23 +91,32 @@ public class SecureIOUtils {
|
|||
|
||||
/**
|
||||
* Open the given File for read access, verifying the expected user/group
|
||||
* constraints.
|
||||
* constraints if security is enabled.
|
||||
*
|
||||
* Note that this function provides no additional checks if Hadoop
|
||||
* security is disabled, since doing the checks would be too expensive
|
||||
* when native libraries are not available.
|
||||
*
|
||||
* @param f the file that we are trying to open
|
||||
* @param expectedOwner the expected user owner for the file
|
||||
* @param expectedGroup the expected group owner for the file
|
||||
* @throws IOException if an IO Error occurred, or the user/group does not
|
||||
* match
|
||||
* @throws IOException if an IO Error occurred, or security is enabled and
|
||||
* the user/group does not match
|
||||
*/
|
||||
public static FileInputStream openForRead(File f, String expectedOwner,
|
||||
String expectedGroup) throws IOException {
|
||||
if (skipSecurity) {
|
||||
// Subject to race conditions but this is the best we can do
|
||||
FileStatus status =
|
||||
rawFilesystem.getFileStatus(new Path(f.getAbsolutePath()));
|
||||
checkStat(f, status.getOwner(), status.getGroup(),
|
||||
expectedOwner, expectedGroup);
|
||||
if (!UserGroupInformation.isSecurityEnabled()) {
|
||||
return new FileInputStream(f);
|
||||
}
|
||||
return forceSecureOpenForRead(f, expectedOwner, expectedGroup);
|
||||
}
|
||||
|
||||
/**
|
||||
* Same as openForRead() except that it will run even if security is off.
|
||||
* This is used by unit tests.
|
||||
*/
|
||||
static FileInputStream forceSecureOpenForRead(File f, String expectedOwner,
|
||||
String expectedGroup) throws IOException {
|
||||
|
||||
FileInputStream fis = new FileInputStream(f);
|
||||
boolean success = false;
|
||||
|
|
|
@ -64,11 +64,20 @@ public class TestSecureIOUtils {
|
|||
.openForRead(testFilePath, realOwner, realGroup).close();
|
||||
}
|
||||
|
||||
@Test(expected=IOException.class)
|
||||
@Test
|
||||
public void testReadIncorrectlyRestrictedWithSecurity() throws IOException {
|
||||
// this will only run if libs are available
|
||||
assumeTrue(NativeIO.isAvailable());
|
||||
|
||||
System.out.println("Running test with native libs...");
|
||||
|
||||
try {
|
||||
SecureIOUtils
|
||||
.openForRead(testFilePath, "invalidUser", null).close();
|
||||
.forceSecureOpenForRead(testFilePath, "invalidUser", null).close();
|
||||
fail("Didn't throw expection for wrong ownership!");
|
||||
} catch (IOException ioe) {
|
||||
// expected
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
Loading…
Reference in New Issue