accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Christopher Tubbs (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ACCUMULO-2806) Accumulo init should ensure wals and tables are not world readable
Date Wed, 14 May 2014 20:08:17 GMT

    [ https://issues.apache.org/jira/browse/ACCUMULO-2806?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13997967#comment-13997967
] 

Christopher Tubbs commented on ACCUMULO-2806:
---------------------------------------------

To retain the existing behavior on 1.5 and 1.6, for clients reading the instance_id directly
from HDFS (eg. the shell) instead of using client arguments/configuration to get that information
from ZooKeeper, any fix for those versions should only lock down the wals and tables directories
as this ticket describes. When client configuration options become available to instantiate
a shell without arguments, we can revisit locking down the top-level HDFS directory.

> Accumulo init should ensure wals and tables are not world readable
> ------------------------------------------------------------------
>
>                 Key: ACCUMULO-2806
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-2806
>             Project: Accumulo
>          Issue Type: Bug
>    Affects Versions: 1.5.0, 1.5.1, 1.6.0
>            Reporter: Sean Busbey
>            Assignee: Sean Busbey
>            Priority: Critical
>             Fix For: 1.5.2, 1.6.1, 1.7.0
>
>
> Just did an init on a new 1.6.1-SNAP cluster, and noticed the following permissions:
> {noformat}
> dfs -ls /
> Found 4 items
> drwxr-xr-x   - accumulo supergroup          0 2014-05-14 09:48 /accumulo
> drwxr-xr-x   - hdfs     supergroup          0 2014-05-14 08:10 /jobtracker
> drwxrwxrwx   - hdfs     supergroup          0 2014-05-14 08:10 /tmp
> drwxr-xr-x   - hdfs     supergroup          0 2014-05-14 09:48 /user
> -bash-4.1$ hdfs dfs -ls /accumulo
> Found 3 items
> drwxr-xr-x   - accumulo supergroup          0 2014-05-14 09:55 /accumulo/instance_id
> drwxr-xr-x   - accumulo supergroup          0 2014-05-14 09:55 /accumulo/tables
> drwxr-xr-x   - accumulo supergroup          0 2014-05-14 09:55 /accumulo/version
> {noformat}
> I previously set up /accumulo as 755, under the understanding that clients need access
to /accumulo/instance_id
> things to fix
> # make init chmod tables and wals to 700, as a defensive measure to avoid data leaks
> # maybe also make sure if the trash is enabled that our user directory is also not world
readable
> # If clients don't need access to instance_id, include a check that the data dir is not
world readable
> Workaround: manually change permissions after init



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message