|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.apache.hadoop.io.SecureIOUtils
public class SecureIOUtils
This class provides secure APIs for opening and creating files on the local
disk. The main issue this class tries to handle is that of symlink traversal.
An example of such an attack is:
Nested Class Summary | |
---|---|
static class |
SecureIOUtils.AlreadyExistsException
Signals that an attempt to create a file at a given pathname has failed because another file already existed at that path. |
Constructor Summary | |
---|---|
SecureIOUtils()
|
Method Summary | |
---|---|
static FileOutputStream |
createForWrite(File f,
int permissions)
Open the specified File for write access, ensuring that it does not exist. |
protected static RandomAccessFile |
forceSecureOpenForRandomRead(File f,
String mode,
String expectedOwner,
String expectedGroup)
Same as openForRandomRead except that it will run even if security is off. |
protected static FileInputStream |
forceSecureOpenForRead(File f,
String expectedOwner,
String expectedGroup)
Same as openForRead() except that it will run even if security is off. |
protected static FSDataInputStream |
forceSecureOpenFSDataInputStream(File file,
String expectedOwner,
String expectedGroup)
Same as openFSDataInputStream except that it will run even if security is off. |
static RandomAccessFile |
openForRandomRead(File f,
String mode,
String expectedOwner,
String expectedGroup)
Open the given File for random read access, verifying the expected user/ group constraints if security is enabled. |
static FileInputStream |
openForRead(File f,
String expectedOwner,
String expectedGroup)
Open the given File for read access, verifying the expected user/group constraints if security is enabled. |
static FSDataInputStream |
openFSDataInputStream(File file,
String expectedOwner,
String expectedGroup)
Opens the FSDataInputStream on the requested file on local file
system, verifying the expected user/group constraints if security is
enabled. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public SecureIOUtils()
Method Detail |
---|
public static RandomAccessFile openForRandomRead(File f, String mode, String expectedOwner, String expectedGroup) throws IOException
f
- file that we are trying to openmode
- mode in which we want to open the random access fileexpectedOwner
- the expected user owner for the fileexpectedGroup
- the expected group owner for the file
IOException
- if an IO error occurred or if the user/group does
not match when security is enabled.protected static RandomAccessFile forceSecureOpenForRandomRead(File f, String mode, String expectedOwner, String expectedGroup) throws IOException
IOException
public static FSDataInputStream openFSDataInputStream(File file, String expectedOwner, String expectedGroup) throws IOException
FSDataInputStream
on the requested file on local file
system, verifying the expected user/group constraints if security is
enabled.
file
- absolute path of the fileexpectedOwner
- the expected user owner for the fileexpectedGroup
- the expected group owner for the file
IOException
- if an IO Error occurred or the user/group does not
match if security is enabledprotected static FSDataInputStream forceSecureOpenFSDataInputStream(File file, String expectedOwner, String expectedGroup) throws IOException
IOException
public static FileInputStream openForRead(File f, String expectedOwner, String expectedGroup) throws IOException
f
- the file that we are trying to openexpectedOwner
- the expected user owner for the fileexpectedGroup
- the expected group owner for the file
IOException
- if an IO Error occurred, or security is enabled and
the user/group does not matchprotected static FileInputStream forceSecureOpenForRead(File f, String expectedOwner, String expectedGroup) throws IOException
IOException
public static FileOutputStream createForWrite(File f, int permissions) throws IOException
f
- the file that we want to createpermissions
- we want to have on the file (if security is enabled)
SecureIOUtils.AlreadyExistsException
- if the file already exists
IOException
- if any other error occurred
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |