Uploaded image for project: 'Hadoop Map/Reduce'
  1. Hadoop Map/Reduce
  2. MAPREDUCE-1991

taskcontroller allows stealing permissions on any local file

VotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Invalid
    • 0.22.0
    • 0.22.0
    • task-controller
    • None

    Description

      The linux task-controller setuid binary allows a malicious user to chmod any file on the system to 644 (and as a side effect appends some junk to the end)

      Attachments

        1. mapreduce-1991-v2.txt
          40 kB
          Todd Lipcon
        2. mapreduce-1991.txt
          40 kB
          Todd Lipcon

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            tlipcon Todd Lipcon
            tlipcon Todd Lipcon
            Votes:
            0 Vote for this issue
            Watchers:
            16 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment