Return-Path: X-Original-To: apmail-accumulo-notifications-archive@minotaur.apache.org Delivered-To: apmail-accumulo-notifications-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 7C92F117A5 for ; Thu, 15 May 2014 03:12:20 +0000 (UTC) Received: (qmail 14199 invoked by uid 500); 14 May 2014 20:08:17 -0000 Delivered-To: apmail-accumulo-notifications-archive@accumulo.apache.org Received: (qmail 14043 invoked by uid 500); 14 May 2014 20:08:17 -0000 Mailing-List: contact notifications-help@accumulo.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: jira@apache.org Delivered-To: mailing list notifications@accumulo.apache.org Received: (qmail 13980 invoked by uid 99); 14 May 2014 20:08:17 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 14 May 2014 20:08:17 +0000 Date: Wed, 14 May 2014 20:08:17 +0000 (UTC) From: "Christopher Tubbs (JIRA)" To: notifications@accumulo.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (ACCUMULO-2806) Accumulo init should ensure wals and tables are not world readable MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/ACCUMULO-2806?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13997967#comment-13997967 ] Christopher Tubbs commented on ACCUMULO-2806: --------------------------------------------- To retain the existing behavior on 1.5 and 1.6, for clients reading the instance_id directly from HDFS (eg. the shell) instead of using client arguments/configuration to get that information from ZooKeeper, any fix for those versions should only lock down the wals and tables directories as this ticket describes. When client configuration options become available to instantiate a shell without arguments, we can revisit locking down the top-level HDFS directory. > Accumulo init should ensure wals and tables are not world readable > ------------------------------------------------------------------ > > Key: ACCUMULO-2806 > URL: https://issues.apache.org/jira/browse/ACCUMULO-2806 > Project: Accumulo > Issue Type: Bug > Affects Versions: 1.5.0, 1.5.1, 1.6.0 > Reporter: Sean Busbey > Assignee: Sean Busbey > Priority: Critical > Fix For: 1.5.2, 1.6.1, 1.7.0 > > > Just did an init on a new 1.6.1-SNAP cluster, and noticed the following permissions: > {noformat} > dfs -ls / > Found 4 items > drwxr-xr-x - accumulo supergroup 0 2014-05-14 09:48 /accumulo > drwxr-xr-x - hdfs supergroup 0 2014-05-14 08:10 /jobtracker > drwxrwxrwx - hdfs supergroup 0 2014-05-14 08:10 /tmp > drwxr-xr-x - hdfs supergroup 0 2014-05-14 09:48 /user > -bash-4.1$ hdfs dfs -ls /accumulo > Found 3 items > drwxr-xr-x - accumulo supergroup 0 2014-05-14 09:55 /accumulo/instance_id > drwxr-xr-x - accumulo supergroup 0 2014-05-14 09:55 /accumulo/tables > drwxr-xr-x - accumulo supergroup 0 2014-05-14 09:55 /accumulo/version > {noformat} > I previously set up /accumulo as 755, under the understanding that clients need access to /accumulo/instance_id > things to fix > # make init chmod tables and wals to 700, as a defensive measure to avoid data leaks > # maybe also make sure if the trash is enabled that our user directory is also not world readable > # If clients don't need access to instance_id, include a check that the data dir is not world readable > Workaround: manually change permissions after init -- This message was sent by Atlassian JIRA (v6.2#6252)