# File Output Policy

GSQL restricts where a query can produce output to files through a file output policy. The policy consists of an allowlist and a blocklist.

• GSQL queries must only output to the directories and their descendants or the files indicated by paths in the allowlist.

• GSQL queries cannot output to the directories and their descendants or the files indicated by paths in the blocklist. The blocklist takes precedence over the allowlist.

By default, the file output policy allows outputs to all files.

## `GSQL.FileOutputPolicy`

The file output policy is implemented through the system configuration parameter `GSQL.FileOutputPolicy`, which is a JSON array of strings that represents a list of paths:

• If there is an exclamation mark (`!`) preceding a path, the path is on the blocklist.

• If there is no exclamation mark preceding a path, the path is on the allowlist.

### Example

For example, if the value for `GSQL.FileOutputPolicy` is `["/home/tigergraph", "!/home/tigergraph/documents", "!/home/tigergraph/desktop"]`, then the paths on the allowlist and on the blocklist are:

• allowlist: `/home/tigergraph` and all its descendants

• blocklist: `/home/tigergraph/documents`, `/home/tigergraph/desktop` and all their descendants

Since the blocklist takes precedence, GSQL will allow queries to write to all files and directories under `/home/tigergraph` except the `documents` and `desktop` folders.
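The following is an added example, not TigerGraph's own code: a small Python model of the allowlist and blocklist rules described above, useful for checking what a proposed policy value would permit before applying it. The function names are hypothetical, and lexical path normalization and whole-component matching are assumptions that the page does not specify.

```python
import json
import posixpath
from pathlib import PurePosixPath

# Policy value taken from the example on this page.
POLICY = '["/home/tigergraph", "!/home/tigergraph/documents", "!/home/tigergraph/desktop"]'

def _norm(path):
    # Assumption: paths are compared after lexical normalization, so "..",
    # "." and repeated slashes cannot be used to step around a rule.
    if not path.startswith("/"):
        raise ValueError(f"not an absolute path: {path!r}")
    return PurePosixPath(posixpath.normpath("/" + path.lstrip("/")))

def parse_policy(raw):
    """Split the JSON array into (allowlist, blocklist) of normalized paths."""
    entries = json.loads(raw)
    if not isinstance(entries, list) or not all(isinstance(e, str) for e in entries):
        raise ValueError("policy must be a JSON array of strings")
    allow, block = [], []
    for entry in entries:
        if entry.startswith("!"):
            block.append(_norm(entry[1:]))
        else:
            allow.append(_norm(entry))
    return allow, block

def _covers(rule, path):
    # A rule covers the path itself and every descendant. Comparing whole
    # components keeps /home/tigergraph from matching /home/tigergraph2.
    return path == rule or rule in path.parents

def is_allowed(raw_policy, path):
    allow, block = parse_policy(raw_policy)
    target = _norm(path)
    if any(_covers(rule, target) for rule in block):
        return False  # the blocklist takes precedence over the allowlist
    return any(_covers(rule, target) for rule in allow)

if __name__ == "__main__":
    # Constructed sample paths, not from the page.
    for p in ["/home/tigergraph/out/data.csv",
              "/home/tigergraph/documents/data.txt",
              "/home/tigergraph2/data.txt",
              "/home/tigergraph/out/../desktop/x.csv"]:
        print(f"{'ALLOW' if is_allowed(POLICY, p) else 'DENY ':5}  {p}")
```
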

## Edit the file output policy

1. To edit the file policy, ensure that you are logged in as the TigerGraph Linux user, and run the following command:

``````
$ gadmin config entry GSQL.FileOutputPolicy
``````

2. In the prompt, enter the new value for the parameter:

``````
GSQL.FileOutputPolicy [ ["/"] ]: The policy to control file outputs in GSQL queries
New: ["/home/tigergraph", "!/home/tigergraph/app"]

# allowlist: /home/tigergraph and all its descendants
# blocklist: /home/tigergraph/app and all its descendants
# Effect: GSQL can output to /home/tigergraph and all its descendants except /home/tigergraph/app
``````

3. Apply the new configurations and restart GSQL:

``````
$ gadmin config apply
``````

After implementing the file output policy, queries that write to paths that are not on the allowlist are forbidden:

``````
GSQL > BEGIN
GSQL > CREATE QUERY fileOutput() FOR GRAPH tpc_graph {
GSQL >   FILE f ("/home/documents/data.txt");
GSQL > }
GSQL > END

Semantic Check Error in query fileOutput (SEM-2502): line 2, col 7
The path '/home/documents/data.txt' is not allowed by the file output policy.
Failed to create queries: [fileOutput].
``````

If a `FILE` object is defined with an empty string, GSQL regards it as a null file. The file output policy will not block the definition of the `FILE` object, but writing to a null file would cause a runtime error.

Additionally, queries that write to paths that are on the allowlist but also on the blocklist are forbidden:

``````
GSQL > BEGIN
GSQL > CREATE QUERY fileOutput() FOR GRAPH tpc_graph {
GSQL >   FILE f ("/home/tigergraph/app/data.txt");
GSQL > }
GSQL > END

Semantic Check Error in query fileOutput (SEM-2502): line 3, col 7
The path '/home/tigergraph/app/data.txt' is not allowed by the file output
policy.