hadoop-mapreduce-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hemanth Yamijala (JIRA)" <j...@apache.org>
Subject [jira] Commented: (MAPREDUCE-1991) taskcontroller allows stealing permissions on any local file
Date Tue, 03 Aug 2010 04:57:19 GMT

    [ https://issues.apache.org/jira/browse/MAPREDUCE-1991?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12894820#action_12894820

Hemanth Yamijala commented on MAPREDUCE-1991:

The -l option is to enable logging in the taskcontroller. AFAIK, we have never really used
this. Should we knock it out ? Otherwise, moving the check for taskcontroller permissions
before the opening of the log file will possibly fix this issue. Note that we do protect against
some misconfiguration already. It just happens after the log file option is processed.

> taskcontroller allows stealing permissions on any local file
> ------------------------------------------------------------
>                 Key: MAPREDUCE-1991
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-1991
>             Project: Hadoop Map/Reduce
>          Issue Type: Bug
>          Components: task-controller
>    Affects Versions: 0.21.0, 0.22.0
>            Reporter: Todd Lipcon
>            Priority: Blocker
> The linux task-controller setuid binary allows a malicious user to chmod any file on
the system to 644 (and as a side effect appends some junk to the end)

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message