Message-ID: <28276596.133651280811859540.JavaMail.jira@thor>
Date: Tue, 3 Aug 2010 01:04:19 -0400 (EDT)
From: "Todd Lipcon (JIRA)"
To: mapreduce-issues@hadoop.apache.org
Subject: [jira] Commented: (MAPREDUCE-1991) taskcontroller allows stealing permissions on any local file
In-Reply-To: <27363387.131761280802257964.JavaMail.jira@thor>

    [ https://issues.apache.org/jira/browse/MAPREDUCE-1991?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12894824#action_12894824 ]

Todd Lipcon
commented on MAPREDUCE-1991:
----------------------------------------

Yea, I think switching the order of the checks should be good enough. Or if it's not used, let's get rid of it - this code is scary since it's mostly running as root, so the simpler we can make it, the better! If it's still useful, could we open the log file as the tasktracker user instead of as root? We can always setuid down to the mapred user, then setuid back up to root when we need it.

> taskcontroller allows stealing permissions on any local file
> ------------------------------------------------------------
>
>                 Key: MAPREDUCE-1991
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-1991
>             Project: Hadoop Map/Reduce
>          Issue Type: Bug
>          Components: task-controller
>    Affects Versions: 0.21.0, 0.22.0
>            Reporter: Todd Lipcon
>            Priority: Blocker
>
> The linux task-controller setuid binary allows a malicious user to chmod any file on the system to 644 (and as a side effect appends some junk to the end)

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
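The comment above proposes opening the log file as the tasktracker user rather than as root, dropping privileges and regaining them afterwards. A sketch of that pattern follows as an added example; it is not the task-controller's code. The helper name `open_log_as`, the use of `O_NOFOLLOW`, and the choice of the real uid/gid in `main` as a stand-in for the mapred user are all assumptions of this example.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: open (or create) a log file with the effective
 * identity uid/gid instead of root, so the kernel enforces that user's
 * own permissions on the path. Returns an fd, or -1 with errno set. */
int open_log_as(uid_t uid, gid_t gid, const char *path)
{
    uid_t saved_uid = geteuid();
    gid_t saved_gid = getegid();
    int fd = -1, err = 0;

    /* Drop the group first: once euid is non-root, egid can no longer
     * be changed to an arbitrary value. */
    if (setegid(gid) != 0)
        return -1;
    if (seteuid(uid) != 0) {
        err = errno;
    } else {
        /* O_NOFOLLOW is an extra precaution added here (assumption):
         * refuse a symlink as the final path component. The mode is
         * applied at creation, so no chmod() as root is needed. */
        fd = open(path, O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW, 0644);
        if (fd < 0)
            err = errno;
    }

    /* Regain privileges in reverse order. Continuing with a half-restored
     * identity would be worse than stopping, so treat failure as fatal. */
    if (seteuid(saved_uid) != 0 || setegid(saved_gid) != 0)
        abort();
    errno = err;
    return fd;
}

int main(int argc, char **argv)
{
    if (argc < 2) { fprintf(stderr, "usage: %s LOGFILE\n", argv[0]); return 2; }
    /* Real uid/gid stand in for the mapred user in this example. */
    int fd = open_log_as(getuid(), getgid(), argv[1]);
    if (fd < 0) { perror("open_log_as"); return 1; }
    dprintf(fd, "opened with euid %d dropped\n", (int)getuid());
    return close(fd) == 0 ? 0 : 1;
}
```

Because the saved set-user-ID remains root while the effective uid is lowered, this only narrows the window of the `open()` call; it does not protect against code that runs in the same process before privileges are regained.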