Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-11137

put up guard rails around pid and log file handling

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Won't Fix
    • None
    • None
    • scripts, security

    Description

      We should do a better job of protecting against symlink attacks in the pid and log file handling code:

      a) Change the default location to have a user or id.str component
      b) Check to make sure a pid file is actually a pid file (single line, nothing but numbers)

      ... maybe other stuff?

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              aw Allen Wittenauer
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: