Sumit Agrawal created HDDS-7552:
-----------------------------------
Summary: Malicious client writing container to another DN can
cause dataloss
Key: HDDS-7552
URL: https://issues.apache.org/jira/browse/HDDS-7552
Project: Apache Ozone
Issue Type: Bug
Reporter: Sumit Agrawal
When raw or malicious client write container block to DN for which it is not
intended can cause data loss.
Steps:
# Client is having old pipeline P1 with DN1,DN2,DN3
# Client get new pipeline from OM, P2 with DN4,DN5,DN6 For Block: Container 5
# Client write Block to P1 (not intended), which will create Container 5 in
DN1,DN2,DN3
# DN1,DN2,DN3 notify SCM for replica of Container 5
# Currently these replica will be added with transactionId
This malicious addition of replica with mismatching transaction as compared to
DN4,DN5,DN6 will be in-consistent, and further can cause dataloss, when
container is closed and replication task handle for over replica/under replica
This case will cause malicious behavior and data loss; and handling is required.
1) SCM should reject replica addition and based on flag take action of delete
container or warn log. (Similar to unknown container HDS-3241)
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
