airflow-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ash Berlin-Taylor (JIRA)" <>
Subject [jira] [Updated] (AIRFLOW-2283) Explain multi-Tenant security limitations
Date Thu, 06 Sep 2018 09:37:00 GMT


Ash Berlin-Taylor updated AIRFLOW-2283:
                 Flags:   (was: Important)
    Remaining Estimate:     (was: 168h)
     Original Estimate:     (was: 168h)
           Component/s:     (was: webserver)
                            (was: security)
                            (was: scheduler)
                            (was: models)
               Summary: Explain multi-Tenant security limitations  (was: Multi-Tenant security

> Explain multi-Tenant security limitations
> -----------------------------------------
>                 Key: AIRFLOW-2283
>                 URL:
>             Project: Apache Airflow
>          Issue Type: Bug
>    Affects Versions: 1.8.0
>         Environment: Any/All
>            Reporter: Garrett Summers
>            Priority: Major
>              Labels: security
> We noticed what we think to be a potential security vulnerability when importing dag
files in the following line:
> {{m = imp.load_source(mod_name, filepath)}}
> This line in the DagBag.process_file code imports the dag files available, but this causes
all of the code in the file to actually execute (which could be any arbitrary code). If the
dags for different tenants are being stored in a common dag structure (even though the are
filtered for the different tenants) then the arbitrary code execution would make it possible
for one tenant to access/modify the dags of other tenants. This would be a major problem for
users who utilize the multi-tenant functionality in Airflow.

This message was sent by Atlassian JIRA

View raw message