-
- All Superinterfaces:
- AutoCloseable, Closeable, DirectoryStream<T>, Iterable<T>
public interface SecureDirectoryStream<T> extends DirectoryStream<T>
ADirectoryStream
that defines operations on files that are located relative to an open directory. ASecureDirectoryStream
is intended for use by sophisticated or security sensitive applications requiring to traverse file trees or otherwise operate on directories in a race-free manner. Race conditions can arise when a sequence of file operations cannot be carried out in isolation. Each of the file operations defined by this interface specify a relative path. All access to the file is relative to the open directory irrespective of if the directory is moved or replaced by an attacker while the directory is open. ASecureDirectoryStream
may also be used as a virtual working directory.A
SecureDirectoryStream
requires corresponding support from the underlying operating system. Where an implementation supports this features then theDirectoryStream
returned by thenewDirectoryStream
method will be aSecureDirectoryStream
and must be cast to that type in order to invoke the methods defined by this interface.In the case of the default
provider
, and a security manager is set, then the permission checks are performed using the path obtained by resolving the given relative path against the original path of the directory (irrespective of if the directory is moved since it was opened).- Since:
- 1.7
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface java.nio.file.DirectoryStream
DirectoryStream.Filter<T>
-
-
Method Summary
Methods Modifier and Type Method and Description void
deleteDirectory(T path)
Deletes a directory.void
deleteFile(T path)
Deletes a file.<V extends FileAttributeView>
VgetFileAttributeView(Class<V> type)
Returns a new file attribute view to access the file attributes of this directory.<V extends FileAttributeView>
VgetFileAttributeView(T path, Class<V> type, LinkOption... options)
Returns a new file attribute view to access the file attributes of a file in this directory.void
move(T srcpath, SecureDirectoryStream<T> targetdir, T targetpath)
Move a file from this directory to another directory.SeekableByteChannel
newByteChannel(T path, Set<? extends OpenOption> options, FileAttribute<?>... attrs)
Opens or creates a file in this directory, returning a seekable byte channel to access the file.SecureDirectoryStream<T>
newDirectoryStream(T path, LinkOption... options)
Opens the directory identified by the given path, returning aSecureDirectoryStream
to iterate over the entries in the directory.-
Methods inherited from interface java.nio.file.DirectoryStream
iterator
-
Methods inherited from interface java.io.Closeable
close
-
-
-
-
Method Detail
-
newDirectoryStream
SecureDirectoryStream<T> newDirectoryStream(T path, LinkOption... options) throws IOException
Opens the directory identified by the given path, returning aSecureDirectoryStream
to iterate over the entries in the directory.This method works in exactly the manner specified by the
newDirectoryStream
method for the case that thepath
parameter is anabsolute
path. When the parameter is a relative path then the directory to open is relative to this open directory. TheNOFOLLOW_LINKS
option may be used to ensure that this method fails if the file is a symbolic link.The new directory stream, once created, is not dependent upon the directory stream used to create it. Closing this directory stream has no effect upon newly created directory stream.
- Parameters:
path
- the path to the directory to openoptions
- options indicating how symbolic links are handled- Returns:
- a new and open
SecureDirectoryStream
object - Throws:
ClosedDirectoryStreamException
- if the directory stream is closedNotDirectoryException
- if the file could not otherwise be opened because it is not a directory (optional specific exception)IOException
- if an I/O error occursSecurityException
- In the case of the default provider, and a security manager is installed, thecheckRead
method is invoked to check read access to the directory.
-
newByteChannel
SeekableByteChannel newByteChannel(T path, Set<? extends OpenOption> options, FileAttribute<?>... attrs) throws IOException
Opens or creates a file in this directory, returning a seekable byte channel to access the file.This method works in exactly the manner specified by the
Files.newByteChannel
method for the case that thepath
parameter is anabsolute
path. When the parameter is a relative path then the file to open or create is relative to this open directory. In addition to the options defined by theFiles.newByteChannel
method, theNOFOLLOW_LINKS
option may be used to ensure that this method fails if the file is a symbolic link.The channel, once created, is not dependent upon the directory stream used to create it. Closing this directory stream has no effect upon the channel.
- Parameters:
path
- the path of the file to open open or createoptions
- options specifying how the file is openedattrs
- an optional list of attributes to set atomically when creating the file- Throws:
ClosedDirectoryStreamException
- if the directory stream is closedIllegalArgumentException
- if the set contains an invalid combination of optionsUnsupportedOperationException
- if an unsupported open option is specified or the array contains attributes that cannot be set atomically when creating the fileFileAlreadyExistsException
- if a file of that name already exists and theCREATE_NEW
option is specified (optional specific exception)IOException
- if an I/O error occursSecurityException
- In the case of the default provider, and a security manager is installed, thecheckRead
method is invoked to check read access to the path if the file is opened for reading. ThecheckWrite
method is invoked to check write access to the path if the file is opened for writing.
-
deleteFile
void deleteFile(T path) throws IOException
Deletes a file.Unlike the
delete()
method, this method does not first examine the file to determine if the file is a directory. Whether a directory is deleted by this method is system dependent and therefore not specified. If the file is a symbolic link, then the link itself, not the final target of the link, is deleted. When the parameter is a relative path then the file to delete is relative to this open directory.- Parameters:
path
- the path of the file to delete- Throws:
ClosedDirectoryStreamException
- if the directory stream is closedNoSuchFileException
- if the file does not exist (optional specific exception)IOException
- if an I/O error occursSecurityException
- In the case of the default provider, and a security manager is installed, thecheckDelete
method is invoked to check delete access to the file
-
deleteDirectory
void deleteDirectory(T path) throws IOException
Deletes a directory.Unlike the
delete()
method, this method does not first examine the file to determine if the file is a directory. Whether non-directories are deleted by this method is system dependent and therefore not specified. When the parameter is a relative path then the directory to delete is relative to this open directory.- Parameters:
path
- the path of the directory to delete- Throws:
ClosedDirectoryStreamException
- if the directory stream is closedNoSuchFileException
- if the directory does not exist (optional specific exception)DirectoryNotEmptyException
- if the directory could not otherwise be deleted because it is not empty (optional specific exception)IOException
- if an I/O error occursSecurityException
- In the case of the default provider, and a security manager is installed, thecheckDelete
method is invoked to check delete access to the directory
-
move
void move(T srcpath, SecureDirectoryStream<T> targetdir, T targetpath) throws IOException
Move a file from this directory to another directory.This method works in a similar manner to
move
method when theATOMIC_MOVE
option is specified. That is, this method moves a file as an atomic file system operation. If thesrcpath
parameter is anabsolute
path then it locates the source file. If the parameter is a relative path then it is located relative to this open directory. If thetargetpath
parameter is absolute then it locates the target file (thetargetdir
parameter is ignored). If the parameter is a relative path it is located relative to the open directory identified by thetargetdir
parameter. In all cases, if the target file exists then it is implementation specific if it is replaced or this method fails.- Parameters:
srcpath
- the name of the file to movetargetdir
- the destination directorytargetpath
- the name to give the file in the destination directory- Throws:
ClosedDirectoryStreamException
- if this or the target directory stream is closedFileAlreadyExistsException
- if the file already exists in the target directory and cannot be replaced (optional specific exception)AtomicMoveNotSupportedException
- if the file cannot be moved as an atomic file system operationIOException
- if an I/O error occursSecurityException
- In the case of the default provider, and a security manager is installed, thecheckWrite
method is invoked to check write access to both the source and target file.
-
getFileAttributeView
<V extends FileAttributeView> V getFileAttributeView(Class<V> type)
Returns a new file attribute view to access the file attributes of this directory.The resulting file attribute view can be used to read or update the attributes of this (open) directory. The
type
parameter specifies the type of the attribute view and the method returns an instance of that type if supported. Invoking this method to obtain aBasicFileAttributeView
always returns an instance of that class that is bound to this open directory.The state of resulting file attribute view is intimately connected to this directory stream. Once the directory stream is
closed
, then all methods to read or update attributes will throwClosedDirectoryStreamException
.- Parameters:
type
- theClass
object corresponding to the file attribute view- Returns:
- a new file attribute view of the specified type bound to
this directory stream, or
null
if the attribute view type is not available
-
getFileAttributeView
<V extends FileAttributeView> V getFileAttributeView(T path, Class<V> type, LinkOption... options)
Returns a new file attribute view to access the file attributes of a file in this directory.The resulting file attribute view can be used to read or update the attributes of file in this directory. The
type
parameter specifies the type of the attribute view and the method returns an instance of that type if supported. Invoking this method to obtain aBasicFileAttributeView
always returns an instance of that class that is bound to the file in the directory.The state of resulting file attribute view is intimately connected to this directory stream. Once the directory stream
closed
, then all methods to read or update attributes will throwClosedDirectoryStreamException
. The file is not required to exist at the time that the file attribute view is created but methods to read or update attributes of the file will fail when invoked and the file does not exist.- Parameters:
path
- the path of the filetype
- theClass
object corresponding to the file attribute viewoptions
- options indicating how symbolic links are handled- Returns:
- a new file attribute view of the specified type bound to a
this directory stream, or
null
if the attribute view type is not available
-
-
Document created the 11/06/2005, last modified the 04/03/2020
Source of the printed document:https://www.gaudry.be/en/java-api-rf-java/nio/file/SecureDirectoryStream.html
The infobrol is a personal site whose content is my sole responsibility. The text is available under CreativeCommons license (BY-NC-SA). More info on the terms of use and the author.
References
These references and links indicate documents consulted during the writing of this page, or which may provide additional information, but the authors of these sources can not be held responsible for the content of this page.
The author This site is solely responsible for the way in which the various concepts, and the freedoms that are taken with the reference works, are presented here. Remember that you must cross multiple source information to reduce the risk of errors.