From d612f12cf67295296dceb63e299557577a0f65c4 Mon Sep 17 00:00:00 2001 From: Joakim Erdfelt Date: Fri, 16 Oct 2020 13:17:28 -0500 Subject: [PATCH] Issue #5451 - Removing file/dir permission management from codebase Signed-off-by: Joakim Erdfelt --- .../jetty/http/MultiPartFormInputStream.java | 3 +- .../main/java/org/eclipse/jetty/util/IO.java | 78 ------------------- .../util/MultiPartInputStreamParser.java | 2 +- 3 files changed, 2 insertions(+), 81 deletions(-) diff --git a/jetty-http/src/main/java/org/eclipse/jetty/http/MultiPartFormInputStream.java b/jetty-http/src/main/java/org/eclipse/jetty/http/MultiPartFormInputStream.java index badefa3e6f1..ffc79816cc1 100644 --- a/jetty-http/src/main/java/org/eclipse/jetty/http/MultiPartFormInputStream.java +++ b/jetty-http/src/main/java/org/eclipse/jetty/http/MultiPartFormInputStream.java @@ -42,7 +42,6 @@ import javax.servlet.http.Part; import org.eclipse.jetty.util.BufferUtil; import org.eclipse.jetty.util.ByteArrayOutputStream2; -import org.eclipse.jetty.util.IO; import org.eclipse.jetty.util.LazyList; import org.eclipse.jetty.util.MultiException; import org.eclipse.jetty.util.MultiMap; @@ -153,7 +152,7 @@ public class MultiPartFormInputStream protected void createFile() throws IOException { Path parent = MultiPartFormInputStream.this._tmpDir.toPath(); - Path tempFile = Files.createTempFile(parent, "MultiPart", "", IO.getUserOnlyFileAttribute(parent)); + Path tempFile = Files.createTempFile(parent, "MultiPart", ""); _file = tempFile.toFile(); OutputStream fos = Files.newOutputStream(tempFile, StandardOpenOption.WRITE); diff --git a/jetty-util/src/main/java/org/eclipse/jetty/util/IO.java b/jetty-util/src/main/java/org/eclipse/jetty/util/IO.java index a4cb3a3cb8a..0ccd1ec969d 100644 --- a/jetty-util/src/main/java/org/eclipse/jetty/util/IO.java +++ b/jetty-util/src/main/java/org/eclipse/jetty/util/IO.java @@ -34,16 +34,8 @@ import java.io.Writer; import java.nio.ByteBuffer; import java.nio.channels.GatheringByteChannel; import java.nio.charset.Charset; -import java.nio.file.FileStore; import java.nio.file.Files; import java.nio.file.Path; -import java.nio.file.attribute.DosFileAttributeView; -import java.nio.file.attribute.FileAttribute; -import java.nio.file.attribute.PosixFileAttributeView; -import java.nio.file.attribute.PosixFilePermission; -import java.nio.file.attribute.PosixFilePermissions; -import java.util.HashSet; -import java.util.Objects; import org.eclipse.jetty.util.log.Log; import org.eclipse.jetty.util.log.Logger; @@ -57,24 +49,6 @@ public class IO { private static final Logger LOG = Log.getLogger(IO.class); - private static final FileAttribute[] NO_FILE_ATTRIBUTES = new FileAttribute[0]; - private static final FileAttribute[] USER_ONLY_POSIX_FILE_ATTRIBUTES = - new FileAttribute[]{ - PosixFilePermissions.asFileAttribute( - new HashSet() - { - { - add(PosixFilePermission.OWNER_EXECUTE); - add(PosixFilePermission.OWNER_READ); - add(PosixFilePermission.OWNER_WRITE); - // we don't add GROUP or OTHER write perms here. - add(PosixFilePermission.GROUP_READ); - add(PosixFilePermission.OTHERS_READ); - } - } - ) - }; - public static final String CRLF = "\r\n"; @@ -462,58 +436,6 @@ public class IO close((Closeable)writer); } - /** - * Get the array of {@link FileAttribute} values for the provided path - * that will set the path to Full Read/Write for the user running Jetty, - * but Readonly for other users. - *

- * For Unix, that's means {@link java.nio.file.attribute.PosixFileAttributes} - * where the World and Other groups have their read / write flags removed. - *

- *

- * For Windows / Dos, that means {@link java.nio.file.attribute.DosFileAttributes} - *

- */ - public static FileAttribute[] getUserOnlyFileAttribute(Path path) - { - FileStore fileStore = null; - try - { - // Obtain a reference to the FileStore to know what kind of read-only we are capable of. - fileStore = Files.getFileStore(Objects.requireNonNull(path)); - - if (fileStore == null) - { - // Not on a properly implemented FileStore (seen with 3rd party FileStore implementations) - // We cannot do anything in this case, so just return. - return NO_FILE_ATTRIBUTES; - } - - if (fileStore.supportsFileAttributeView(DosFileAttributeView.class)) - { - // We are on a Windows / DOS filesystem. - // It might support ACL, but we don't attempt to support that here. - return NO_FILE_ATTRIBUTES; - } - - if (fileStore.supportsFileAttributeView(PosixFileAttributeView.class)) - { - // We are on a Unix / Linux / OSX system - return USER_ONLY_POSIX_FILE_ATTRIBUTES; - } - - // If we reached this point, we have a Path on a FileSystem / FileStore that we cannot control. - // So skip the attempt to set readable. - } - catch (IOException e) - { - if (LOG.isDebugEnabled()) - LOG.debug("Unable to determine attribute types on path: {}", path, e); - } - - return NO_FILE_ATTRIBUTES; - } - public static byte[] readBytes(InputStream in) throws IOException { diff --git a/jetty-util/src/main/java/org/eclipse/jetty/util/MultiPartInputStreamParser.java b/jetty-util/src/main/java/org/eclipse/jetty/util/MultiPartInputStreamParser.java index 97e5ec7563a..e7210f56271 100644 --- a/jetty-util/src/main/java/org/eclipse/jetty/util/MultiPartInputStreamParser.java +++ b/jetty-util/src/main/java/org/eclipse/jetty/util/MultiPartInputStreamParser.java @@ -191,7 +191,7 @@ public class MultiPartInputStreamParser throws IOException { Path parent = MultiPartInputStreamParser.this._tmpDir.toPath(); - Path tempFile = Files.createTempFile(parent, "MultiPart", "", IO.getUserOnlyFileAttribute(parent)); + Path tempFile = Files.createTempFile(parent, "MultiPart", ""); _file = tempFile.toFile(); OutputStream fos = Files.newOutputStream(tempFile, StandardOpenOption.WRITE);