Module org.elasticsearch.security
Package org.elasticsearch.xpack.security
Class PrivilegedFileWatcher
java.lang.Object
org.elasticsearch.watcher.AbstractResourceWatcher<FileChangesListener>
org.elasticsearch.watcher.FileWatcher
org.elasticsearch.xpack.security.PrivilegedFileWatcher
- All Implemented Interfaces:
ResourceWatcher
Extension of
FileWatcher that does privileged calls to IO.
This class exists so that the calls into the IO methods get here first in the security stackwalk, enabling us to use doPrivileged to ensure we have access. If we don't do this, the code location that is doing the accessing is not the one that is granted the SecuredFileAccessPermission, so the check in ESPolicy fails.
-
Constructor Summary
ConstructorsConstructorDescriptionPrivilegedFileWatcher(Path path) PrivilegedFileWatcher(Path path, boolean checkFileContents) -
Method Summary
Modifier and TypeMethodDescriptionprotected booleanfileExists(Path path) protected DirectoryStream<Path> protected InputStreamnewInputStream(Path path) protected BasicFileAttributesreadAttributes(Path path) Methods inherited from class org.elasticsearch.watcher.FileWatcher
clearState, doCheckAndNotify, doInit, getPathMethods inherited from class org.elasticsearch.watcher.AbstractResourceWatcher
addListener, checkAndNotify, init, listeners, remove
-
Constructor Details
-
PrivilegedFileWatcher
-
PrivilegedFileWatcher
-
-
Method Details
-
newInputStream
- Overrides:
newInputStreamin classFileWatcher- Throws:
IOException
-
fileExists
- Overrides:
fileExistsin classFileWatcher
-
readAttributes
- Overrides:
readAttributesin classFileWatcher- Throws:
IOException
-
listFiles
- Overrides:
listFilesin classFileWatcher- Throws:
IOException
-