Uploaded image for project: 'Hadoop Map/Reduce'
  1. Hadoop Map/Reduce
  2. MAPREDUCE-2096

Secure local filesystem IO from symlink vulnerabilities

    XMLWordPrintableJSON

Details

    • Reviewed
    • The TaskTracker now uses the libhadoop JNI library to operate securely on local files when security is enabled. Secure clusters must ensure that libhadoop.so is available to the TaskTracker.

    Description

      This JIRA is to contribute a patch developed on the private security@ mailing list.

      The vulnerability is that MR daemons occasionally open files that are located in a path where the user has write access. A malicious user may place a symlink in place of the expected file in order to cause the daemon to instead read another file on the system – one which the attacker may not naturally be able to access. This includes delegation tokens belong to other users, log files, keytabs, etc.

      Attachments

        1. secure-files-authorized-jvm-fix.txt
          2 kB
          Todd Lipcon
        2. secure-files-9.txt
          1.81 MB
          Todd Lipcon
        3. mapreduce-2096-index-oob.txt
          0.5 kB
          Todd Lipcon
        4. mapreduce-2096.txt
          24 kB
          Todd Lipcon
        5. mapreduce-2096.2.txt
          24 kB
          Todd Lipcon

        Issue Links

          Activity

            People

              tlipcon Todd Lipcon
              tlipcon Todd Lipcon
              Votes:
              0 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: