Hadoop Map/Reduce / MAPREDUCE-2178

Race condition in LinuxTaskController permissions handling

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 0.22.0
    • Fix Version/s: 0.22.1
    • Component/s: security, task-controller
    • Labels:
      None
    • Hadoop Flags:
      Reviewed

      Description

      The linux-task-controller executable currently traverses a directory hierarchy and calls chown/chmod on the files inside. There is a race condition here which can be exploited by an attacker, causing the task-controller to improperly chown an arbitrary target file (via a symlink) to the user running a MR job. This can be exploited to escalate to root.

      [this issue was raised and discussed on the security@ list over the last couple of months]
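
The race-free form of the ownership change described above, as an added example (not code from the patches attached to this issue). It assumes Linux; the names chown_entry_nofollow and run_demo and the /tmp paths are constructed for illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Racy pattern, for contrast: lstat(path) reports a regular file, then
 * chown(path) resolves the name again and follows a symlink swapped in
 * between the two calls. Here the check and the change share one fd.
 * `name` must be a single path component relative to dirfd; O_NOFOLLOW
 * only guards the final component, so descend one level at a time. */
int chown_entry_nofollow(int dirfd, const char *name, uid_t uid, gid_t gid)
{
    int fd = openat(dirfd, name, O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC);
    if (fd < 0)
        return -1;                  /* ELOOP when name is a symlink (Linux) */
    struct stat st;
    int rc = -1;                    /* stays -1 for FIFOs, devices, sockets */
    if (fstat(fd, &st) == 0 && (S_ISREG(st.st_mode) || S_ISDIR(st.st_mode)))
        rc = fchown(fd, uid, gid);  /* acts on the opened inode, not the name */
    int saved = errno;
    close(fd);
    errno = saved;
    return rc;
}

/* Constructed scenario: a job directory with one real file and one symlink
 * to a file outside it. Returns 0 if only the real file was chowned. */
int run_demo(void)
{
    char dir[] = "/tmp/tc-demo-XXXXXX", outside[] = "/tmp/tc-outside-XXXXXX";
    int ofd = mkstemp(outside);
    int dfd = mkdtemp(dir) ? open(dir, O_RDONLY | O_DIRECTORY) : -1;
    int ffd = openat(dfd, "output", O_CREAT | O_WRONLY, 0600);
    if (ofd < 0 || dfd < 0 || ffd < 0 || symlinkat(outside, dfd, "link") != 0)
        return -1;
    int ok = chown_entry_nofollow(dfd, "output", getuid(), getgid()) == 0;
    int refused = chown_entry_nofollow(dfd, "link", getuid(), getgid()) == -1
                  && errno == ELOOP;
    unlinkat(dfd, "link", 0);
    unlinkat(dfd, "output", 0);
    close(ffd); close(ofd); close(dfd);
    rmdir(dir);
    unlink(outside);
    return (ok && refused) ? 0 : 1;
}

int main(void) { return run_demo(); }
```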

      1. mr-2178-y20-sortof.patch
        505 kB
        Todd Lipcon
      2. 0001-Amend-MAPREDUCE-2178.-Fix-racy-check-for-config-file.patch
        5 kB
        Todd Lipcon
      3. 0002-Amend-MAPREDUCE-2178.-Check-argc-after-checks-for-pe.patch
        1 kB
        Todd Lipcon
      4. 0003-Amend-MAPREDUCE-2178.-Check-result-of-chdir.patch
        1 kB
        Todd Lipcon
      5. ac-sys-largefile.patch
        0.9 kB
        Todd Lipcon
      6. mr-2178-error-on-launch-fail.txt
        0.6 kB
        Todd Lipcon
      7. racy-config-check-test-changes.txt
        4 kB
        Todd Lipcon
      8. mapreduce-2178-test-compile-fix.txt
        0.7 kB
        Todd Lipcon
      9. mr-2178-0.22.txt
        522 kB
        Todd Lipcon
      10. mr-2178.patch
        502 kB
        Benoy Antony
      11. mr-2178-022.patch
        605 kB
        Benoy Antony
      12. mr-2178-022.patch
        524 kB
        Benoy Antony
      13. mr-2178-022.patch
        525 kB
        Benoy Antony

          Activity

          Todd Lipcon created issue -
          Devaraj Das made changes -
          Field Original Value New Value
          Fix Version/s 0.22.0 [ 12314184 ]
          Todd Lipcon made changes -
          Link This issue incorporates MAPREDUCE-2242 [ MAPREDUCE-2242 ]
          Todd Lipcon made changes -
          Attachment mr-2178-y20-sortof.patch [ 12470892 ]
          Todd Lipcon made changes -
          Attachment ac-sys-largefile.patch [ 12470902 ]
          Todd Lipcon made changes -
          Attachment mr-2178-error-on-launch-fail.txt [ 12471215 ]
          Todd Lipcon made changes -
          Attachment racy-config-check-test-changes.txt [ 12472481 ]
          Todd Lipcon made changes -
          Link This issue blocks MAPREDUCE-2371 [ MAPREDUCE-2371 ]
          Tom White made changes -
          Link This issue blocks MAPREDUCE-2373 [ MAPREDUCE-2373 ]
          Todd Lipcon made changes -
          Link This issue blocks MAPREDUCE-2376 [ MAPREDUCE-2376 ]
          Todd Lipcon made changes -
          Attachment mapreduce-2178-test-compile-fix.txt [ 12473433 ]
          Todd Lipcon made changes -
          Link This issue blocks MAPREDUCE-2266 [ MAPREDUCE-2266 ]
          Todd Lipcon made changes -
          Attachment mr-2178-0.22.txt [ 12480720 ]
          Todd Lipcon made changes -
          Link This issue is blocked by HADOOP-7338 [ HADOOP-7338 ]
          Nigel Daley made changes -
          Assignee Devaraj Das [ devaraj ]
          Konstantin Shvachko made changes -
          Priority Blocker [ 1 ] Major [ 3 ]
          Konstantin Shvachko made changes -
          Fix Version/s 0.22.1 [ 12319242 ]
          Fix Version/s 0.22.0 [ 12314184 ]
          Benoy Antony made changes -
          Link This issue is depended upon by HADOOP-8357 [ HADOOP-8357 ]
          Benoy Antony made changes -
          Attachment mr-2178.patch [ 12526239 ]
          Benoy Antony made changes -
          Attachment mr-2178-022.patch [ 12526407 ]
          Benoy Antony made changes -
          Attachment mr-2178-022.patch [ 12526424 ]
          Benoy Antony made changes -
          Attachment mr-2178-022.patch [ 12528530 ]
          Konstantin Shvachko made changes -
          Assignee Devaraj Das [ devaraj ] Benoy Antony [ benoyantony ]
          Konstantin Shvachko made changes -
          Resolution Fixed [ 1 ]
          Status Open [ 1 ] Resolved [ 5 ]
          Hadoop Flags Reviewed [ 10343 ]
          Release Note +1 Made tiny modification. The patch removes MR-2141 from CHANGES.txt. I think it should not.
          I just committed this to branch 0.22.1. Thank you Todd and Benoy.
          Konstantin Shvachko made changes -
          Release Note +1 Made tiny modification. The patch removes MR-2141 from CHANGES.txt. I think it should not.
          I just committed this to branch 0.22.1. Thank you Todd and Benoy.
          Gavin made changes -
          Link This issue blocks MAPREDUCE-2373 [ MAPREDUCE-2373 ]
          Gavin made changes -
          Link This issue is depended upon by MAPREDUCE-2373 [ MAPREDUCE-2373 ]

            People

            • Assignee:
              Benoy Antony
              Reporter:
              Todd Lipcon
            • Votes:
              0
              Watchers:
              22