accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "John Vines (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ACCUMULO-2806) Accumulo init should ensure wals and tables are not world readable
Date Thu, 18 Dec 2014 15:57:13 GMT

    [ https://issues.apache.org/jira/browse/ACCUMULO-2806?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14251840#comment-14251840
] 

John Vines commented on ACCUMULO-2806:
--------------------------------------

I don't think so. Users can config their system around this issue so it's not like there's
no solution.

> Accumulo init should ensure wals and tables are not world readable
> ------------------------------------------------------------------
>
>                 Key: ACCUMULO-2806
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-2806
>             Project: Accumulo
>          Issue Type: Bug
>    Affects Versions: 1.5.0, 1.5.1, 1.6.0
>            Reporter: Sean Busbey
>            Priority: Critical
>             Fix For: 1.5.3, 1.7.0, 1.6.3
>
>
> Just did an init on a new 1.6.1-SNAP cluster, and noticed the following permissions:
> {noformat}
> dfs -ls /
> Found 4 items
> drwxr-xr-x   - accumulo supergroup          0 2014-05-14 09:48 /accumulo
> drwxr-xr-x   - hdfs     supergroup          0 2014-05-14 08:10 /jobtracker
> drwxrwxrwx   - hdfs     supergroup          0 2014-05-14 08:10 /tmp
> drwxr-xr-x   - hdfs     supergroup          0 2014-05-14 09:48 /user
> -bash-4.1$ hdfs dfs -ls /accumulo
> Found 3 items
> drwxr-xr-x   - accumulo supergroup          0 2014-05-14 09:55 /accumulo/instance_id
> drwxr-xr-x   - accumulo supergroup          0 2014-05-14 09:55 /accumulo/tables
> drwxr-xr-x   - accumulo supergroup          0 2014-05-14 09:55 /accumulo/version
> {noformat}
> I previously set up /accumulo as 755, under the understanding that clients need access
to /accumulo/instance_id
> things to fix
> # make init chmod tables and wals to 700, as a defensive measure to avoid data leaks
> # maybe also make sure if the trash is enabled that our user directory is also not world
readable
> # If clients don't need access to instance_id, include a check that the data dir is not
world readable
> Workaround: manually change permissions after init



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message