Files.walk() is unusable because of AccessDeniedException

ecki at zusammenkunft.net ecki at zusammenkunft.net
Tue May 24 19:52:03 UTC 2016 

The AccessDeniedExceptions are not a java security mechanism. It is a OS mechanism and i think it is good that java reveals all information also available with native access (i.e. if you have no 'x' permission on a dir you cannot enter it but you can see it (as long asmyou have read permission on the parent).

The only issue is here that the walker should be able to skip or resume walking in such a scenario. (Itmsounds like this is the problem/question here?)

Gruss
Bernd
-- 
http://bernd.eckenfels.net

-----Original Message-----
From: timo.kinnunen at gmail.com
To: Andrew Haley <aph at redhat.com>, Gilles Habran <gilleshabran at gmail.com>, "core-libs-dev at openjdk.java.net" <core-libs-dev at openjdk.java.net>
Sent: Di., 24 Mai 2016 21:40
Subject: RE: Fwd: Files.walk() is unusable because of AccessDeniedException

Hi, 

The API documentation makes the point that if there is a security manager installed which denies access to some entries amongst the visited files and directories then those entries are silently skipped, their presence not being disclosed by the walk terminating early due to an access denied exception. This is reasonable and follows the principle that information about privileged information is also privileged information. However Files::walk doesn’t follow that principle consistently. There’s no mention of the java.nio.file.attribute package or the AclEntryPermission enum, for example. It is not clear to me if, as an extreme example, the presence of an ACL on a file which denies read access to the file’s ACL (READ_ACL) would be leaked by Files::walk. 

What Files::walk could do is support all access control mechanisms in the JDK in equal measure.

As is it is, currently it is only those protected files that are unknown to the security manager and unknowable to Java that are being revealed to unprivileged users. This seems like the exact opposite of how it should be.






-- 
Have a nice day, 
Timo

Sent from Mail for Windows 10

From: Andrew Haley

More information about the core-libs-dev mailing list