hadoop-mapreduce-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Konstantin Shvachko (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (MAPREDUCE-2178) Race condition in LinuxTaskController permissions handling
Date Tue, 05 Jun 2012 02:40:23 GMT

     [ https://issues.apache.org/jira/browse/MAPREDUCE-2178?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Konstantin Shvachko resolved MAPREDUCE-2178.

      Resolution: Fixed
    Release Note: 
+1 Made tiny modification. The patch removes MR-2141 from CHANGES.txt. I think it should not.
I just committed this to branch 0.22.1. Thank you Todd and Benoy.
    Hadoop Flags: Reviewed
> Race condition in LinuxTaskController permissions handling
> ----------------------------------------------------------
>                 Key: MAPREDUCE-2178
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-2178
>             Project: Hadoop Map/Reduce
>          Issue Type: Bug
>          Components: security, task-controller
>    Affects Versions: 0.22.0
>            Reporter: Todd Lipcon
>            Assignee: Benoy Antony
>             Fix For: 0.22.1
>         Attachments: 0001-Amend-MAPREDUCE-2178.-Fix-racy-check-for-config-file.patch,
0002-Amend-MAPREDUCE-2178.-Check-argc-after-checks-for-pe.patch, 0003-Amend-MAPREDUCE-2178.-Check-result-of-chdir.patch,
ac-sys-largefile.patch, mapreduce-2178-test-compile-fix.txt, mr-2178-0.22.txt, mr-2178-022.patch,
mr-2178-022.patch, mr-2178-022.patch, mr-2178-error-on-launch-fail.txt, mr-2178-y20-sortof.patch,
mr-2178.patch, racy-config-check-test-changes.txt
> The linux-task-controller executable currently traverses a directory heirarchy and calls
chown/chmod on the files inside. There is a race condition here which can be exploited by
an attacker, causing the task-controller to improprly chown an arbitrary target file (via
a symlink) to the user running a MR job. This can be exploited to escalate to root.
> [this issue was raised and discussed on the security@ list over the last couple of months]

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


View raw message