You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@deltaspike.apache.org by st...@apache.org on 2019/10/15 19:55:35 UTC
[deltaspike] branch master updated: DELTASPIKE-1386 check
SecurityAccess when accessing user home dir
This is an automated email from the ASF dual-hosted git repository.
struberg pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/deltaspike.git
The following commit(s) were added to refs/heads/master by this push:
new 0eff953 DELTASPIKE-1386 check SecurityAccess when accessing user home dir
0eff953 is described below
commit 0eff953a7e5a4df01ab8ded7a1737fd9278178a3
Author: Mark Struberg <st...@apache.org>
AuthorDate: Tue Oct 15 21:54:28 2019 +0200
DELTASPIKE-1386 check SecurityAccess when accessing user home dir
txs to Thomas Frühbeck for the report!
---
.../impl/config/DefaultConfigSourceProvider.java | 27 ++++++++++++++--------
1 file changed, 17 insertions(+), 10 deletions(-)
diff --git a/deltaspike/core/impl/src/main/java/org/apache/deltaspike/core/impl/config/DefaultConfigSourceProvider.java b/deltaspike/core/impl/src/main/java/org/apache/deltaspike/core/impl/config/DefaultConfigSourceProvider.java
index fa80e54..3f43c74 100644
--- a/deltaspike/core/impl/src/main/java/org/apache/deltaspike/core/impl/config/DefaultConfigSourceProvider.java
+++ b/deltaspike/core/impl/src/main/java/org/apache/deltaspike/core/impl/config/DefaultConfigSourceProvider.java
@@ -78,19 +78,26 @@ public class DefaultConfigSourceProvider implements ConfigSourceProvider
if (userHome != null && !userHome.isEmpty())
{
File dsHome = new File(userHome, PROPERTY_FILE_HOME_NAME);
- if (dsHome.exists())
+ try
{
- try
+ if (dsHome.exists())
{
- ConfigSource dsHomeConfigSource = new PropertyFileConfigSource(dsHome.toURI().toURL());
- configSources.add(dsHomeConfigSource);
- LOG.log(Level.INFO, "Reading configuration from {}", dsHome.getAbsolutePath());
- }
- catch (MalformedURLException e)
- {
- LOG.log(Level.WARNING, "Could not read configuration from " + dsHome.getAbsolutePath(), e);
- }
+ try
+ {
+ ConfigSource dsHomeConfigSource = new PropertyFileConfigSource(dsHome.toURI().toURL());
+ configSources.add(dsHomeConfigSource);
+ LOG.log(Level.INFO, "Reading configuration from {}", dsHome.getAbsolutePath());
+ }
+ catch (MalformedURLException e)
+ {
+ LOG.log(Level.WARNING, "Could not read configuration from " + dsHome.getAbsolutePath(), e);
+ }
+ }
+ }
+ catch (SecurityException se)
+ {
+ LOG.log(Level.INFO, "Not allowed to check if directory {} exists", dsHome.getPath());
}
}
}