Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #5458 from eclipse/jetty-9.4.x-5451-temp-perms-cleanup 

Issue #5451 - Removing file/dir permission management from codebase
This commit is contained in:
Joakim Erdfelt 2020-10-17 05:28:13 -05:00 committed by GitHub
parent e6fb4c3ac4 d612f12cf6
commit fed8484d88
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 2 additions and 81 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
jetty-http/src/main/java/org/eclipse/jetty/http/MultiPartFormInputStream.java
View File

@ -42,7 +42,6 @@ import javax.servlet.http.Part;
import org.eclipse.jetty.util.BufferUtil;
import org.eclipse.jetty.util.ByteArrayOutputStream2;
import org.eclipse.jetty.util.IO;
import org.eclipse.jetty.util.LazyList;
import org.eclipse.jetty.util.MultiException;
import org.eclipse.jetty.util.MultiMap;
@ -153,7 +152,7 @@ public class MultiPartFormInputStream
protected void createFile() throws IOException
{
Path parent = MultiPartFormInputStream.this._tmpDir.toPath();
Path tempFile = Files.createTempFile(parent, "MultiPart", "", IO.getUserOnlyFileAttribute(parent));
Path tempFile = Files.createTempFile(parent, "MultiPart", "");
_file = tempFile.toFile();
OutputStream fos = Files.newOutputStream(tempFile, StandardOpenOption.WRITE);

78
jetty-util/src/main/java/org/eclipse/jetty/util/IO.java
View File

@ -34,16 +34,8 @@ import java.io.Writer;
import java.nio.ByteBuffer;
import java.nio.channels.GatheringByteChannel;
import java.nio.charset.Charset;
import java.nio.file.FileStore;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.DosFileAttributeView;
import java.nio.file.attribute.FileAttribute;
import java.nio.file.attribute.PosixFileAttributeView;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.HashSet;
import java.util.Objects;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;
@ -57,24 +49,6 @@ public class IO
{
private static final Logger LOG = Log.getLogger(IO.class);
private static final FileAttribute<?>[] NO_FILE_ATTRIBUTES = new FileAttribute[0];
private static final FileAttribute<?>[] USER_ONLY_POSIX_FILE_ATTRIBUTES =
new FileAttribute[]{
PosixFilePermissions.asFileAttribute(
new HashSet<PosixFilePermission>()
{
{
add(PosixFilePermission.OWNER_EXECUTE);
add(PosixFilePermission.OWNER_READ);
add(PosixFilePermission.OWNER_WRITE);
// we don't add GROUP or OTHER write perms here.
add(PosixFilePermission.GROUP_READ);
add(PosixFilePermission.OTHERS_READ);
}
}
)
};
public static final String
CRLF = "\r\n";
@ -462,58 +436,6 @@ public class IO
close((Closeable)writer);
}
/**
* Get the array of {@link FileAttribute} values for the provided path
* that will set the path to Full Read/Write for the user running Jetty,
* but Readonly for other users.
* <p>
* For Unix, that's means {@link java.nio.file.attribute.PosixFileAttributes}
* where the World and Other groups have their read / write flags removed.
* </p>
* <p>
* For Windows / Dos, that means {@link java.nio.file.attribute.DosFileAttributes}
* </p>
*/
public static FileAttribute<?>[] getUserOnlyFileAttribute(Path path)
{
FileStore fileStore = null;
try
{
// Obtain a reference to the FileStore to know what kind of read-only we are capable of.
fileStore = Files.getFileStore(Objects.requireNonNull(path));
if (fileStore == null)
{
// Not on a properly implemented FileStore (seen with 3rd party FileStore implementations)
// We cannot do anything in this case, so just return.
return NO_FILE_ATTRIBUTES;
}
if (fileStore.supportsFileAttributeView(DosFileAttributeView.class))
{
// We are on a Windows / DOS filesystem.
// It might support ACL, but we don't attempt to support that here.
return NO_FILE_ATTRIBUTES;
}
if (fileStore.supportsFileAttributeView(PosixFileAttributeView.class))
{
// We are on a Unix / Linux / OSX system
return USER_ONLY_POSIX_FILE_ATTRIBUTES;
}
// If we reached this point, we have a Path on a FileSystem / FileStore that we cannot control.
// So skip the attempt to set readable.
}
catch (IOException e)
{
if (LOG.isDebugEnabled())
LOG.debug("Unable to determine attribute types on path: {}", path, e);
}
return NO_FILE_ATTRIBUTES;
}
public static byte[] readBytes(InputStream in)
throws IOException
{

2
jetty-util/src/main/java/org/eclipse/jetty/util/MultiPartInputStreamParser.java
View File

@ -191,7 +191,7 @@ public class MultiPartInputStreamParser
throws IOException
{
Path parent = MultiPartInputStreamParser.this._tmpDir.toPath();
Path tempFile = Files.createTempFile(parent, "MultiPart", "", IO.getUserOnlyFileAttribute(parent));
Path tempFile = Files.createTempFile(parent, "MultiPart", "");
_file = tempFile.toFile();
OutputStream fos = Files.newOutputStream(tempFile, StandardOpenOption.WRITE);