Hi all, This came out of discussion in HADOOP-12718. What do you think if I place extra permission check into {{FileUtil#list}}? {code} public static String[] list(File dir) throws IOException { + if (!canRead(dir)) { + throw new AccessControlException("Permission denied for dir: " + + dir.toString()); } String[] fileNames = dir.list(); if(fileNames == null) { throw new IOException("Invalid directory or I/O error occurred for dir: " + dir.toString()); } return fileNames; } {code} Currently {{FileUtil#list}} is only called by: {code} hadoop-common (1 usage found) org.apache.hadoop.fs (1 usage found) RawLocalFileSystem (1 usage found) listStatus(Path) (1 usage found) 474String[] names = FileUtil.list(localf); hadoop-hdfs (3 usages found) org.apache.hadoop.hdfs.server.datanode (2 usages found) BlockPoolSliceStorage (1 usage found) cleanupDetachDir(File) (1 usage found) 518if (FileUtil.list(detachDir).length != 0) { DataStorage (1 usage found) cleanupDetachDir(File) (1 usage found) 910if (FileUtil.list(detachDir).length != 0 ) { org.apache.hadoop.hdfs.server.datanode.fsdataset.impl (1 usage found) FsVolumeImpl (1 usage found) isBPDirEmpty(String) (1 usage found) 1035if (rbwDir.exists() && FileUtil.list(rbwDir).length != 0) { {code}
These callers seem ok with the change. ACE is a subclass of IOE, I imagine the impact should be minimum with the benefit of give more precise exception class and message. Thanks, John Zhuge Software Engineer, Cloudera