You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-dev@hadoop.apache.org by "Steve Loughran (JIRA)" <ji...@apache.org> on 2008/04/15 18:55:12 UTC
[jira] Created: (HADOOP-3259) Configuration.substituteVars() needs
to handle security exceptions
Configuration.substituteVars() needs to handle security exceptions
------------------------------------------------------------------
Key: HADOOP-3259
URL: https://issues.apache.org/jira/browse/HADOOP-3259
Project: Hadoop Core
Issue Type: Bug
Components: conf
Affects Versions: 0.16.2
Reporter: Steve Loughran
Priority: Trivial
Inside Configuration.substituteVars(), there is a call to System.getProperty(var); this contains the implicit assumption that the JVM will never block access to a system property, because if that is the case -such as when the Configuration is running under a restrictive security manager, a SecurityException gets thrown. This will get thrown all the way up the tree.
Better to have some plan to handle it in situ, such as a log@warn level then leave the property unexpanded.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (HADOOP-3259) Configuration.substituteVars()
needs to handle security exceptions
Posted by "Hadoop QA (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HADOOP-3259?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12594986#action_12594986 ]
Hadoop QA commented on HADOOP-3259:
-----------------------------------
-1 overall. Here are the results of testing the latest attachment
http://issues.apache.org/jira/secure/attachment/12381558/3259.patch
against trunk revision 654128.
+1 @author. The patch does not contain any @author tags.
-1 tests included. The patch doesn't appear to include any new or modified tests.
Please justify why no tests are needed for this patch.
+1 javadoc. The javadoc tool did not generate any warning messages.
+1 javac. The applied patch does not increase the total number of javac compiler warnings.
+1 findbugs. The patch does not introduce any new Findbugs warnings.
+1 release audit. The applied patch does not increase the total number of release audit warnings.
+1 core tests. The patch passed core unit tests.
+1 contrib tests. The patch passed contrib unit tests.
Test results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch/2417/testReport/
Findbugs warnings: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch/2417/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
Checkstyle results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch/2417/artifact/trunk/build/test/checkstyle-errors.html
Console output: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch/2417/console
This message is automatically generated.
> Configuration.substituteVars() needs to handle security exceptions
> ------------------------------------------------------------------
>
> Key: HADOOP-3259
> URL: https://issues.apache.org/jira/browse/HADOOP-3259
> Project: Hadoop Core
> Issue Type: Bug
> Components: conf
> Affects Versions: 0.16.2
> Reporter: Steve Loughran
> Assignee: Edward J. Yoon
> Priority: Trivial
> Fix For: 0.18.0
>
> Attachments: 3259.patch
>
>
> Inside Configuration.substituteVars(), there is a call to System.getProperty(var); this contains the implicit assumption that the JVM will never block access to a system property, because if that is the case -such as when the Configuration is running under a restrictive security manager, a SecurityException gets thrown. This will get thrown all the way up the tree.
> Better to have some plan to handle it in situ, such as a log@warn level then leave the property unexpanded.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (HADOOP-3259) Configuration.substituteVars()
needs to handle security exceptions
Posted by "Hudson (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HADOOP-3259?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12599345#action_12599345 ]
Hudson commented on HADOOP-3259:
--------------------------------
Integrated in Hadoop-trunk #500 (See [http://hudson.zones.apache.org/hudson/job/Hadoop-trunk/500/])
> Configuration.substituteVars() needs to handle security exceptions
> ------------------------------------------------------------------
>
> Key: HADOOP-3259
> URL: https://issues.apache.org/jira/browse/HADOOP-3259
> Project: Hadoop Core
> Issue Type: Bug
> Components: conf
> Affects Versions: 0.16.2
> Reporter: Steve Loughran
> Assignee: Edward J. Yoon
> Priority: Trivial
> Fix For: 0.18.0
>
> Attachments: 3259.patch
>
>
> Inside Configuration.substituteVars(), there is a call to System.getProperty(var); this contains the implicit assumption that the JVM will never block access to a system property, because if that is the case -such as when the Configuration is running under a restrictive security manager, a SecurityException gets thrown. This will get thrown all the way up the tree.
> Better to have some plan to handle it in situ, such as a log@warn level then leave the property unexpanded.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (HADOOP-3259) Configuration.substituteVars() needs
to handle security exceptions
Posted by "Edward J. Yoon (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HADOOP-3259?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Edward J. Yoon updated HADOOP-3259:
-----------------------------------
Fix Version/s: 0.18.0
Status: Patch Available (was: Open)
submitting.
> Configuration.substituteVars() needs to handle security exceptions
> ------------------------------------------------------------------
>
> Key: HADOOP-3259
> URL: https://issues.apache.org/jira/browse/HADOOP-3259
> Project: Hadoop Core
> Issue Type: Bug
> Components: conf
> Affects Versions: 0.16.2
> Reporter: Steve Loughran
> Assignee: Edward J. Yoon
> Priority: Trivial
> Fix For: 0.18.0
>
> Attachments: 3259.patch
>
>
> Inside Configuration.substituteVars(), there is a call to System.getProperty(var); this contains the implicit assumption that the JVM will never block access to a system property, because if that is the case -such as when the Configuration is running under a restrictive security manager, a SecurityException gets thrown. This will get thrown all the way up the tree.
> Better to have some plan to handle it in situ, such as a log@warn level then leave the property unexpanded.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (HADOOP-3259) Configuration.substituteVars() needs
to handle security exceptions
Posted by "Owen O'Malley (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HADOOP-3259?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Owen O'Malley updated HADOOP-3259:
----------------------------------
Resolution: Fixed
Hadoop Flags: [Reviewed]
Status: Resolved (was: Patch Available)
I just committed this. Thanks, Edward!
> Configuration.substituteVars() needs to handle security exceptions
> ------------------------------------------------------------------
>
> Key: HADOOP-3259
> URL: https://issues.apache.org/jira/browse/HADOOP-3259
> Project: Hadoop Core
> Issue Type: Bug
> Components: conf
> Affects Versions: 0.16.2
> Reporter: Steve Loughran
> Assignee: Edward J. Yoon
> Priority: Trivial
> Fix For: 0.18.0
>
> Attachments: 3259.patch
>
>
> Inside Configuration.substituteVars(), there is a call to System.getProperty(var); this contains the implicit assumption that the JVM will never block access to a system property, because if that is the case -such as when the Configuration is running under a restrictive security manager, a SecurityException gets thrown. This will get thrown all the way up the tree.
> Better to have some plan to handle it in situ, such as a log@warn level then leave the property unexpanded.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (HADOOP-3259) Configuration.substituteVars() needs
to handle security exceptions
Posted by "Edward J. Yoon (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HADOOP-3259?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Edward J. Yoon updated HADOOP-3259:
-----------------------------------
Attachment: 3259.patch
> Configuration.substituteVars() needs to handle security exceptions
> ------------------------------------------------------------------
>
> Key: HADOOP-3259
> URL: https://issues.apache.org/jira/browse/HADOOP-3259
> Project: Hadoop Core
> Issue Type: Bug
> Components: conf
> Affects Versions: 0.16.2
> Reporter: Steve Loughran
> Assignee: Edward J. Yoon
> Priority: Trivial
> Attachments: 3259.patch
>
>
> Inside Configuration.substituteVars(), there is a call to System.getProperty(var); this contains the implicit assumption that the JVM will never block access to a system property, because if that is the case -such as when the Configuration is running under a restrictive security manager, a SecurityException gets thrown. This will get thrown all the way up the tree.
> Better to have some plan to handle it in situ, such as a log@warn level then leave the property unexpanded.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (HADOOP-3259) Configuration.substituteVars() needs
to handle security exceptions
Posted by "Edward J. Yoon (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HADOOP-3259?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Edward J. Yoon reassigned HADOOP-3259:
--------------------------------------
Assignee: Edward J. Yoon
> Configuration.substituteVars() needs to handle security exceptions
> ------------------------------------------------------------------
>
> Key: HADOOP-3259
> URL: https://issues.apache.org/jira/browse/HADOOP-3259
> Project: Hadoop Core
> Issue Type: Bug
> Components: conf
> Affects Versions: 0.16.2
> Reporter: Steve Loughran
> Assignee: Edward J. Yoon
> Priority: Trivial
>
> Inside Configuration.substituteVars(), there is a call to System.getProperty(var); this contains the implicit assumption that the JVM will never block access to a system property, because if that is the case -such as when the Configuration is running under a restrictive security manager, a SecurityException gets thrown. This will get thrown all the way up the tree.
> Better to have some plan to handle it in situ, such as a log@warn level then leave the property unexpanded.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.