[PR] SOLR-12429: Prevent symbolic links from being uploaded as part of a configset [solr]

Fri, 16 Aug 2024 06:32:29 -0700 


epugh opened a new pull request, #2651:
URL: https://github.com/apache/solr/pull/2651

   https://issues.apache.org/jira/browse/SOLR-12429
   
   
   # Description
   
   Preventing the upload of a configset via bin/solr zk upload that contains 
symbolic links to files and dirs.   This prevents a obscure error message, and 
tells the user what went wrong.
   
   # Solution
   
   I added a check in `FileTypeMagicUtil` which maybe not quite perfect, but 
let me tap into a custom error message.   Maybe the class should be renamed to 
"ConfigSetFileValidator" ???
   
   Because of java security manager limitations, my attempt to create a 
symbolic file and directory in a unit test failed, so I backed out and added a 
BATS style test instead.
   
   I did notice some other places where MAGIC file checking is done, 
BackupManager, ZkConfigSetService..    But not sure in those situations you can 
actually get a symbolic link in those places, since you are "inside solr" not 
on a file system...
   
   # Tests
   
   Bats and manual.
   
   # Checklist
   
   Please review the following and check all that apply:
   
   - [ ] I have reviewed the guidelines for [How to 
Contribute](https://github.com/apache/solr/blob/main/CONTRIBUTING.md) and my 
code conforms to the standards described there to the best of my ability.
   - [ ] I have created a Jira issue and added the issue ID to my pull request 
title.
   - [ ] I have given Solr maintainers 
[access](https://help.github.com/en/articles/allowing-changes-to-a-pull-request-branch-created-from-a-fork)
 to contribute to my PR branch. (optional but recommended)
   - [ ] I have developed this patch against the `main` branch.
   - [ ] I have run `./gradlew check`.
   - [ ] I have added tests for my changes.
   - [ ] I have added documentation for the [Reference 
Guide](https://github.com/apache/solr/tree/main/solr/solr-ref-guide)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org

Reply via email to