  1. Hadoop Map/Reduce
  2. MAPREDUCE-2096

Secure local filesystem IO from symlink vulnerabilities

    Details

    • Hadoop Flags:
      Reviewed
    • Release Note:
      The TaskTracker now uses the libhadoop JNI library to operate securely on local files when security is enabled. Secure clusters must ensure that libhadoop.so is available to the TaskTracker.

      Description

      This JIRA is to contribute a patch developed on the private security@ mailing list.

      The vulnerability is that MR daemons occasionally open files that are located in a path where the user has write access. A malicious user may place a symlink in place of the expected file in order to cause the daemon to instead read another file on the system – one which the attacker may not naturally be able to access. This includes delegation tokens belonging to other users, log files, keytabs, etc.
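
      One way to close the race described above, as an added example (it is not the patch attached to this issue and not libhadoop's code): open the file first, then verify ownership on the open descriptor with fstat rather than on the path. The function names, file names and the "victim + 1" uid are constructed for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open path, then check the *descriptor* (not the path, which can be swapped):
 * it must be a regular file owned by expected_uid. Returns fd, or -1/EACCES. */
int open_owned_by(const char *path, uid_t expected_uid)
{
    struct stat st;
    int fd = open(path, O_RDONLY | O_NONBLOCK | O_CLOEXEC); /* NONBLOCK: no FIFO hang */
    if (fd < 0)
        return -1;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != expected_uid) {
        close(fd);
        errno = EACCES;
        return -1;
    }
    return fd;
}

/* Constructed scenario. The current user plays the victim; victim + 1 is a
 * made-up uid for the task owner who swapped task.log for a symlink.
 * Returns a bitmask: 1 = victim's own file accepted, 2 = plain open() followed
 * the symlink, 4 = checked open refused it with EACCES. */
int symlink_demo(void)
{
    char dir[] = "/tmp/symlink-demo-XXXXXX", secret[64], logp[64];
    uid_t victim = geteuid();
    int fd, result = 0;
    if (!mkdtemp(dir)) return -1;
    snprintf(secret, sizeof secret, "%s/victim-token", dir);
    snprintf(logp, sizeof logp, "%s/task.log", dir);
    if ((fd = open(secret, O_CREAT | O_WRONLY, 0600)) < 0) return -1;
    close(fd);
    if (symlink(secret, logp) != 0) return -1;

    if ((fd = open_owned_by(secret, victim)) >= 0) { result |= 1; close(fd); }
    if ((fd = open(logp, O_RDONLY)) >= 0) { result |= 2; close(fd); }
    errno = 0;
    if (open_owned_by(logp, victim + 1) < 0 && errno == EACCES) result |= 4;

    unlink(logp); unlink(secret); rmdir(dir);
    return result;
}
```

      Because the check runs on the descriptor, replacing the path after the open cannot change which file was verified.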

        Attachments

        1. secure-files-9.txt
          1.81 MB
          Todd Lipcon
        2. secure-files-authorized-jvm-fix.txt
          2 kB
          Todd Lipcon
        3. mapreduce-2096-index-oob.txt
          0.5 kB
          Todd Lipcon
        4. mapreduce-2096.txt
          24 kB
          Todd Lipcon
        5. mapreduce-2096.2.txt
          24 kB
          Todd Lipcon

              People

              • Assignee:
                tlipcon Todd Lipcon
                Reporter:
                tlipcon Todd Lipcon
              • Votes:
                0
                Watchers:
                10

                Dates

                • Created:
                  Updated:
                  Resolved: