Hadoop Map/Reduce / MAPREDUCE-2178

Race condition in LinuxTaskController permissions handling

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 0.22.0
    • Fix Version/s: 0.22.1
    • Component/s: security, task-controller
    • Labels: None
    • Hadoop Flags: Reviewed

      Description

      The linux-task-controller executable currently traverses a directory hierarchy and calls chown/chmod on the files inside. There is a race condition here which can be exploited by an attacker, causing the task-controller to improperly chown an arbitrary target file (via a symlink) to the user running a MR job. This can be exploited to escalate to root.

      [this issue was raised and discussed on the security@ list over the last couple of months]
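
One way to close this class of race, as an added example (not the patch attached to this issue, and not the project's code): open each entry with `openat` and `O_NOFOLLOW`, then apply `fchown`/`fchmod` to the descriptor, so the object checked is the object changed. The names `secure_fix_tree` and `run_demo`, the mode values and the temporary directory layout are assumptions made for the illustration.

```c
#define _GNU_SOURCE
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>
/* Takes ownership of dirfd. Returns symlinks skipped, or -1 on error. */
int secure_fix_tree(int dirfd, uid_t uid, gid_t gid, mode_t mode)
{
    DIR *d = fdopendir(dirfd);
    struct dirent *e;
    struct stat st;
    int skipped = 0, fd, sub;
    if (!d) { close(dirfd); return -1; }
    while (skipped >= 0 && (e = readdir(d)) != NULL) {
        if (!strcmp(e->d_name, ".") || !strcmp(e->d_name, "..")) continue;
        /* O_NOFOLLOW: a symlink as the final component fails with ELOOP. */
        fd = openat(dirfd, e->d_name, O_RDONLY | O_NOFOLLOW | O_NONBLOCK);
        if (fd < 0) { skipped = (errno == ELOOP) ? skipped + 1 : -1; continue; }
        /* From here on every call acts on the object we hold, not on a name. */
        if (fstat(fd, &st) < 0 || (!S_ISDIR(st.st_mode) && !S_ISREG(st.st_mode))) {
            close(fd); continue;            /* FIFO, device, ...: leave it */
        }
        if (fchown(fd, uid, gid) || fchmod(fd, S_ISDIR(st.st_mode) ? mode : mode & ~0111)) {
            close(fd); skipped = -1; continue;
        }
        if (!S_ISDIR(st.st_mode)) { close(fd); continue; }
        sub = secure_fix_tree(fd, uid, gid, mode);  /* recursion closes fd */
        skipped = (sub < 0) ? -1 : skipped + sub;
    }
    closedir(d);
    return skipped;
}
/* Constructed scenario: job/link -> ../secret stands in for a planted symlink. */
int run_demo(mode_t out[2])
{
    char root[] = "/tmp/mr2178-XXXXXX";
    struct stat st;
    umask(077);
    if (!mkdtemp(root) || chdir(root) || mkdir("job", 0700)) return -1;
    close(open("job/file", O_CREAT | O_WRONLY, 0600));
    close(open("secret", O_CREAT | O_WRONLY, 0600));
    if (symlink("../secret", "job/link")) return -1;
    int n = secure_fix_tree(open("job", O_RDONLY | O_DIRECTORY), geteuid(), getegid(), 0750);
    stat("job/file", &st); out[0] = st.st_mode & 07777;
    stat("secret", &st);   out[1] = st.st_mode & 07777;
    return n;
}
```

In `run_demo` the file inside the tree ends up with mode 0640, while `secret`, reachable only through the symlink, keeps 0600. The top-level descriptor has to be obtained the same way (each path component opened with `openat` and `O_NOFOLLOW`), otherwise the race simply moves to the parent directory.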

      1. mr-2178-y20-sortof.patch
        505 kB
        Todd Lipcon
      2. 0001-Amend-MAPREDUCE-2178.-Fix-racy-check-for-config-file.patch
        5 kB
        Todd Lipcon
      3. 0002-Amend-MAPREDUCE-2178.-Check-argc-after-checks-for-pe.patch
        1 kB
        Todd Lipcon
      4. 0003-Amend-MAPREDUCE-2178.-Check-result-of-chdir.patch
        1 kB
        Todd Lipcon
      5. ac-sys-largefile.patch
        0.9 kB
        Todd Lipcon
      6. mr-2178-error-on-launch-fail.txt
        0.6 kB
        Todd Lipcon
      7. racy-config-check-test-changes.txt
        4 kB
        Todd Lipcon
      8. mapreduce-2178-test-compile-fix.txt
        0.7 kB
        Todd Lipcon
      9. mr-2178-0.22.txt
        522 kB
        Todd Lipcon
      10. mr-2178.patch
        502 kB
        Benoy Antony
      11. mr-2178-022.patch
        605 kB
        Benoy Antony
      12. mr-2178-022.patch
        524 kB
        Benoy Antony
      13. mr-2178-022.patch
        525 kB
        Benoy Antony

            People

            • Assignee: Benoy Antony
            • Reporter: Todd Lipcon
            • Votes: 0
            • Watchers: 22
