[HADOOP-6898] FileSystem.copyToLocal creates files with 777 permissions - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Blocker
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 0.22.0
Component/s: fs, security
Labels:
None

Hadoop Flags:

Reviewed

Description

FileSystem.copyToLocal ends up calling through to FileUtil.copy, which calls create() on the target file system without passing any permission object. Therefore, the file ends up getting created locally with 777 permissions, which is dangerous – even if the caller then fixes up permissions afterwards, it exposes a window in which an attacker can open the file.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

hadoop-6898.0.txt
11/Apr/11 08:14
2 kB
Aaron Myers

Activity

People

Assignee:: Aaron Myers

Reporter:: Todd Lipcon

Votes:: 0 Vote for this issue

Watchers:: 11 Start watching this issue

Dates

Created:: 04/Aug/10 00:51

Updated:: 12/Dec/11 06:19

Resolved:: 12/Apr/11 22:35