-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/66373/
-----------------------------------------------------------

Review request for sentry, Alexander Kolbasov, Brian Towles, kalyan kumar 
kalvagadda, Na Li, Steve Moist, Sergio Pena, Vadim Spector, and Xinran Tinney.


Repository: sentry


Description
-------

The MapReduce team discovered a security vulnerability in the parsing of the 
Map Reduce Job History Server configuration: private files owned by the user 
running the cluster could be exposed. The fix has been applied to versions 
2.7.5, 2.8.3, 2.9.0 and 3.0.0. Since Sentry uses the hadoop-common Configuration 
class to parse XML files, this change can be accommodated by our product as 
well. Sentry upstream is currently using hadoop.version 2.7.2, and we should 
bump this version up to 2.7.5 to take advantage of this feature.

The hadoop change involves adding a new boolean attribute, restrictParser. 
Setting restrictParser to true will:

- Limit XML parsing to conform with the feature 
  "http://apache.org/xml/features/disallow-doctype-decl". This is a security 
  feature explained here: 
  https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Prevention_Cheat_Sheet
- Set the boolean restrictSystemProps to true, which will prevent system 
  properties from being read.
- Set XML inclusion (XInclude) to false, which prevents merging of XML documents.

With this change on the hadoop side, only default resources and hadoop-site.xml 
have this feature turned off, so they will be read without restricted parsing. 
Sentry is not listed as a default resource and would therefore have to 
explicitly set this property to true.


Diffs
-----

  pom.xml 61e0f9700 
  sentry-binding/sentry-binding-hbase-indexer/src/main/java/org/apache/sentry/binding/hbaseindexer/authz/HBaseIndexerAuthzBinding.java d919fe702 
  sentry-binding/sentry-binding-hbase-indexer/src/main/java/org/apache/sentry/binding/hbaseindexer/conf/HBaseIndexerAuthzConf.java cfbd37bf1 
  sentry-binding/sentry-binding-hive-conf/src/main/java/org/apache/sentry/binding/hive/conf/HiveAuthzConf.java 8d5286cd3 
  sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/conf/KafkaAuthConf.java 6ca621022 
  sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/conf/SolrAuthzConf.java 0883e70fe 
  sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/conf/SqoopAuthConf.java 7836871f6 
  sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryINodeAttributesProvider.java cf96df47b 
  sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupMappingService.java 00b5cf608 
  sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/PermissionsMigrationToolCommon.java ed28b735c 
  sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryConfigToolIndexer.java c2341d322 
  sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryConfigToolSolr.java 5649f43fa 
  sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryShellGeneric.java 907e1462c 
  sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentryShellHive.java 729a51865 
  sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryService.java bf5d85b03 
  sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/tools/CreateSentryTestScaleData.java b234c85c5 
  sentry-tools/src/main/java/org/apache/sentry/shell/SentryCli.java 8b68d0d06 


Diff: https://reviews.apache.org/r/66373/diff/1/


Testing
-------


Thanks,

Arjun Mishra
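As an added illustration that is not part of the review request, nor code from Hadoop or Sentry, the following shows the JAXP equivalent of the parser-side settings the description lists, run against a constructed Hadoop-style *-site.xml that carries a DOCTYPE; the class name, the sample document and the property name are assumptions. restrictSystemProps is left out because it governs Hadoop's variable substitution rather than the XML parser itself.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.xml.sax.SAXParseException;

public class RestrictedConfigParse {
    // Constructed sample: a Hadoop-style *-site.xml carrying a DOCTYPE. A
    // legitimate Sentry config never needs one, so that is what should be refused.
    static final String SAMPLE =
        "<?xml version=\"1.0\"?>\n"
      + "<!DOCTYPE configuration [ <!ENTITY who \"sentry\"> ]>\n"
      + "<configuration>\n"
      + "  <property><name>sentry.service.admin.group</name><value>&who;</value></property>\n"
      + "</configuration>\n";

    // JAXP equivalent of the parser-side knobs from the review description
    // (restrictSystemProps belongs to Hadoop's ${var} substitution, not the parser).
    static DocumentBuilder newBuilder(boolean restrictParser)
            throws ParserConfigurationException {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        if (restrictParser) {
            // Reject any DOCTYPE, and with it every entity declaration.
            f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
            f.setXIncludeAware(false);            // no merging of other documents
            f.setExpandEntityReferences(false);
        } else {
            f.setXIncludeAware(true);             // what the unrestricted parser allows
        }
        return f.newDocumentBuilder();
    }

    // Returns the property value, or null when the parser refused the document.
    static String readValue(boolean restrictParser) throws Exception {
        DocumentBuilder b = newBuilder(restrictParser);
        try {
            Document d = b.parse(new ByteArrayInputStream(SAMPLE.getBytes(StandardCharsets.UTF_8)));
            return d.getElementsByTagName("value").item(0).getTextContent();
        } catch (SAXParseException e) {
            return null; // DOCTYPE disallowed: parsing stops before any entity resolves
        }
    }
    public static void main(String[] args) throws Exception {
        System.out.println("lenient   : " + readValue(false));
        System.out.println("restricted: " + readValue(true));
    }
}
```

The lenient builder resolves the internal entity and returns the value, while the restricted builder throws on the DOCTYPE before any entity, internal or external, is ever resolved, which is the property the hadoop-side change relies on.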
