hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Joseph Evans (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HADOOP-8461) Programatically prevent symlink attacks on hadoop pid files
Date Thu, 31 May 2012 21:30:23 GMT
Robert Joseph Evans created HADOOP-8461:
-------------------------------------------

             Summary: Programatically prevent symlink attacks on hadoop pid files
                 Key: HADOOP-8461
                 URL: https://issues.apache.org/jira/browse/HADOOP-8461
             Project: Hadoop Common
          Issue Type: Bug
    Affects Versions: 2.0.0-alpha, 1.0.3
            Reporter: Robert Joseph Evans


pid files stored in  HADOOP_PID_DIR and HADOOP_SECURE_DN_PID_DIR are vulnerable to symlink
attacks when not properly set.  We should programatically prevent symlink attacks on these
files even if the directories are set to something that others can write to.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message