hadoop-common-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cmcc...@apache.org
Subject hadoop git commit: HADOOP-12344. Improve validateSocketPathSecurity0 error message (Casey Brotherton via Colin P. McCabe)
Date Tue, 13 Oct 2015 19:25:56 GMT
Repository: hadoop
Updated Branches:
  refs/heads/branch-2 e7203b695 -> 535c903bc


HADOOP-12344. Improve validateSocketPathSecurity0 error message (Casey Brotherton via Colin
P. McCabe)

(cherry picked from commit 6716f159645639edc669900308250492dfef5641)


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/535c903b
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/535c903b
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/535c903b

Branch: refs/heads/branch-2
Commit: 535c903bc6f60ca0a273d57d1af1c760352421e4
Parents: e7203b6
Author: Colin Patrick Mccabe <cmccabe@cloudera.com>
Authored: Tue Oct 13 12:18:03 2015 -0700
Committer: Colin Patrick Mccabe <cmccabe@cloudera.com>
Committed: Tue Oct 13 12:25:48 2015 -0700

----------------------------------------------------------------------
 hadoop-common-project/hadoop-common/CHANGES.txt |  3 +
 .../apache/hadoop/net/unix/DomainSocket.java    |  3 +
 .../org/apache/hadoop/net/unix/DomainSocket.c   | 63 ++++++++++++++------
 .../hadoop/net/unix/TestDomainSocket.java       |  7 +--
 4 files changed, 53 insertions(+), 23 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hadoop/blob/535c903b/hadoop-common-project/hadoop-common/CHANGES.txt
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt b/hadoop-common-project/hadoop-common/CHANGES.txt
index 897d096..c1649a7 100644
--- a/hadoop-common-project/hadoop-common/CHANGES.txt
+++ b/hadoop-common-project/hadoop-common/CHANGES.txt
@@ -297,6 +297,9 @@ Release 2.8.0 - UNRELEASED
     HADOOP-11104. org.apache.hadoop.metrics2.lib.MetricsRegistry needs numerical
     parameter checking. (Ray Chiang via aajisaka)
 
+    HADOOP-12344. Improve validateSocketPathSecurity0 error message (Casey
+    Brotherton via Colin P. McCabe)
+
   OPTIMIZATIONS
 
     HADOOP-11785. Reduce the number of listStatus operation in distcp

http://git-wip-us.apache.org/repos/asf/hadoop/blob/535c903b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/unix/DomainSocket.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/unix/DomainSocket.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/unix/DomainSocket.java
index 6166ba8..f1035e2 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/unix/DomainSocket.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/unix/DomainSocket.java
@@ -92,6 +92,9 @@ public class DomainSocket implements Closeable {
    * misconfigurations.  System administrators do not commonly change
    * permissions on these paths while the server is running.
    *
+   * For more information on Security exceptions see this wiki page:
+   * https://wiki.apache.org/hadoop/SocketPathSecurity
+   *
    * @param path             the path to validate
    * @param skipComponents   the number of starting path components to skip 
    *                         validation for (used only for testing)

http://git-wip-us.apache.org/repos/asf/hadoop/blob/535c903b/hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
b/hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
index e658d8f..c653a27 100644
--- a/hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
+++ b/hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
@@ -268,7 +268,7 @@ Java_org_apache_hadoop_net_unix_DomainSocket_validateSocketPathSecurity0(
 JNIEnv *env, jclass clazz, jobject jstr, jint skipComponents)
 {
   jint utfLength;
-  char path[PATH_MAX], check[PATH_MAX], *token, *rest;
+  char path[PATH_MAX], check[PATH_MAX], *token, *rest, *rest_free;
   struct stat st;
   int ret, mode, strlenPath;
   uid_t uid;
@@ -280,6 +280,7 @@ JNIEnv *env, jclass clazz, jobject jstr, jint skipComponents)
         "no longer than %zd UTF-8 bytes.", (sizeof(path)-1));
     goto done;
   }
+
   (*env)->GetStringUTFRegion(env, jstr, 0, utfLength, path);
   path [ utfLength ] = 0;
   jthr = (*env)->ExceptionOccurred(env);
@@ -304,7 +305,16 @@ JNIEnv *env, jclass clazz, jobject jstr, jint skipComponents)
   // last one.  We don't validate the last component, since it's not supposed to
   // be a directory.  (If it is a directory, we will fail to create the socket
   // later with EISDIR or similar.)
-  for (check[0] = '/', check[1] = '\0', rest = path, token = "";
+  rest=strdup(path);
+  if ( rest == NULL ){
+    ret = errno;
+    jthr = newIOException(env,"memory allocation failure trying to copy a path"
+        " with %d length. error code %d (%s). ", strlenPath, ret, terror(ret));
+    goto done;
+  };
+  rest_free=rest;
+
+  for (check[0] = '/', check[1] = '\0', token = "";
        token && rest && rest[0];
        token = strtok_r(rest, "/", &rest)) {
     if (strcmp(check, "/") != 0) {
@@ -322,36 +332,51 @@ JNIEnv *env, jclass clazz, jobject jstr, jint skipComponents)
     }
     if (stat(check, &st) < 0) {
       ret = errno;
-      jthr = newIOException(env, "failed to stat a path component: '%s'.  "
-          "error code %d (%s)", check, ret, terror(ret));
+      jthr = newIOException(env, "failed to stat a path component: "
+          "'%s' in '%s'. error code %d (%s). "
+          "Ensure that the path is configured correctly.",
+          check, path, ret, terror(ret));
       goto done;
     }
     mode = st.st_mode & 0777;
     if (mode & 0002) {
-      jthr = newIOException(env, "the path component: '%s' is "
-        "world-writable.  Its permissions are 0%03o.  Please fix "
-        "this or select a different socket path.", check, mode);
+      jthr = newIOException(env, "The path component: '%s' in '%s' has "
+         "permissions 0%03o uid %ld and gid %ld. "
+         "It is not protected because it "
+         "is world-writable. This might help: 'chmod o-w %s'. "
+         "For more information: "
+         "https://wiki.apache.org/hadoop/SocketPathSecurity",
+         check, path, mode, (long long)st.st_uid, (long long)st.st_gid, check);
       goto done;
     }
     if ((mode & 0020) && (st.st_gid != 0)) {
-      jthr = newIOException(env, "the path component: '%s' is "
-        "group-writable, and the group is not root.  Its permissions are "
-        "0%03o, and it is owned by gid %d.  Please fix this or "
-        "select a different socket path.", check, mode, st.st_gid);
+      jthr = newIOException(env, "The path component: '%s' in '%s' has "
+         "permissions 0%03o uid %ld and gid %ld. "
+         "It is not protected because it "
+         "is group-writable and not owned by root. "
+         "This might help: 'chmod g-w %s' or 'chown root %s'. "
+         "For more information: "
+         "https://wiki.apache.org/hadoop/SocketPathSecurity",
+         check, path, mode, (long long)st.st_uid, (long long)st.st_gid,
+         check, check);
       goto done;
     }
-    if ((mode & 0200) && (st.st_uid != 0) &&
-        (st.st_uid != uid)) {
-      jthr = newIOException(env, "the path component: '%s' is "
-        "owned by a user who is not root and not you.  Your effective user "
-        "id is %d; the path is owned by user id %d, and its permissions are "
-        "0%03o.  Please fix this or select a different socket path.",
-        check, uid, st.st_uid, mode);
-        goto done;
+    if ((mode & 0200) && (st.st_uid != 0) && (st.st_uid != uid)) {
+      jthr = newIOException(env, "The path component: '%s' in '%s' has "
+         "permissions 0%03o uid %ld and gid %ld. "
+         "It is not protected because it "
+         "is owned by a user who is not root "
+         "and not the effective user: '%ld'. "
+         "This might help: 'chown root %s' or 'chown %ld %s'. "
+         "For more information: "
+         "https://wiki.apache.org/hadoop/SocketPathSecurity",
+         check, path, mode, (long long)st.st_uid, (long long)st.st_gid,
+         (long long)uid, check, (long long)uid, check);
       goto done;
     }
   }
 done:
+  if ( rest_free ) free(rest_free);
   if (jthr) {
     (*env)->Throw(env, jthr);
   }

http://git-wip-us.apache.org/repos/asf/hadoop/blob/535c903b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java
b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java
index 9fe8fae..8a5a0a4 100644
--- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java
+++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java
@@ -712,9 +712,8 @@ public class TestDomainSocket {
       try {
         testValidateSocketPath(prefix + "/foo/bar/baz", prefix);
       } catch (IOException e) {
-        GenericTestUtils.assertExceptionContains("/foo' is world-writable.  " +
-            "Its permissions are 0707.  Please fix this or select a " +
-            "different socket path.", e);
+        GenericTestUtils.assertExceptionContains("world-writable" ,e);
+        GenericTestUtils.assertExceptionContains("/foo'" ,e);
       }
       try {
         testValidateSocketPath(prefix + "/nope", prefix);
@@ -723,7 +722,7 @@ public class TestDomainSocket {
             "component: ", e);
       }
       // Root should be secure
-      DomainSocket.validateSocketPathSecurity0("/foo", 1);
+      DomainSocket.validateSocketPathSecurity0("/foo", 0);
     } finally {
       tmp.close();
     }


Mime
View raw message