Hadoop HDFS / HDFS-6368

TransferFsImage#receiveFile() should perform validation on fsImageName parameter

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Not a Problem
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels: None

      Description

      Currently only a null check is performed:

      ```java
      if (fsImageName == null) {
        throw new IOException("No filename header provided by server");
      }
      newLocalPaths.add(new File(localPath, fsImageName));
      ```

      Value of fsImageName, obtained from HttpURLConnection header, may be tainted.
      This may allow an attacker to access, modify, or test the existence of critical or sensitive files.
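      The kind of validation the report asks for, as an added example that is not part of the Hadoop code base (the class and method names, and the allowed-character rule, are assumptions): the header-supplied name must be a plain file name, and the resolved path must stay inside the target directory.

      ```java
      import java.io.File;
      import java.io.IOException;
      import java.util.regex.Pattern;

      // Hypothetical helper, not HDFS code: resolves a header-supplied
      // fsimage name under localDir and rejects anything that could escape it.
      public final class FsImageNameValidator {

          // Assumed allowlist: letters, digits, dot, underscore and dash only.
          private static final Pattern SAFE_NAME = Pattern.compile("[A-Za-z0-9._-]+");

          private FsImageNameValidator() {}

          public static File resolveSafely(File localDir, String fsImageName)
                  throws IOException {
              // The existing null check from the report.
              if (fsImageName == null) {
                  throw new IOException("No filename header provided by server");
              }
              // Syntactic check: no separators, no "." / "..", no NUL, nothing
              // outside the allowlist. This rejects traversal before any I/O.
              if (!SAFE_NAME.matcher(fsImageName).matches()
                      || fsImageName.equals(".") || fsImageName.equals("..")) {
                  throw new IOException("Invalid fsimage file name: " + fsImageName);
              }
              // Defence in depth: canonicalize both paths (this follows symlinks)
              // and require the result to sit directly inside localDir.
              File dir = localDir.getCanonicalFile();
              File target = new File(dir, fsImageName).getCanonicalFile();
              File parent = target.getParentFile();
              if (parent == null || !parent.equals(dir)) {
                  throw new IOException("fsimage name resolves outside " + dir);
              }
              return target;
          }

          public static void main(String[] args) throws IOException {
              File dir = new File(System.getProperty("java.io.tmpdir"));
              System.out.println(resolveSafely(dir, "fsimage_0000000000000000042"));
              try {
                  resolveSafely(dir, "../../etc/passwd"); // constructed bad input
              } catch (IOException e) {
                  System.out.println("rejected: " + e.getMessage());
              }
          }
      }
      ```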

        Activity

        Andrew Wang added a comment -

        Ted, note that ImageServlet#validateRequest checks that the upload comes from an authorized user. If an attacker has compromised the NN or superuser account, many other bad things can also happen.

        I guess we could still validate, but I'm inclined to close as "not a problem".

        Andrew Wang added a comment -

        Closing as not a problem, since this is only an issue if the cluster is already compromised.

          People

          • Assignee: Unassigned
          • Reporter: Ted Yu
          • Votes: 0
          • Watchers: 4