[
https://issues.apache.org/jira/browse/MAPREDUCE-2178?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13021842#comment-13021842
]
Todd Lipcon commented on MAPREDUCE-2178:
----------------------------------------
Chris has forwarded-ported this change as part of the "yahoo-merge" branch. I
think we need to cherry-pick his work from there into branch-0.22 if security
is important to us for the 0.22 release.
> Race condition in LinuxTaskController permissions handling
> ----------------------------------------------------------
>
> Key: MAPREDUCE-2178
> URL: https://issues.apache.org/jira/browse/MAPREDUCE-2178
> Project: Hadoop Map/Reduce
> Issue Type: Bug
> Components: security, task-controller
> Affects Versions: 0.22.0
> Reporter: Todd Lipcon
> Priority: Blocker
> Fix For: 0.22.0
>
> Attachments:
> 0001-Amend-MAPREDUCE-2178.-Fix-racy-check-for-config-file.patch,
> 0002-Amend-MAPREDUCE-2178.-Check-argc-after-checks-for-pe.patch,
> 0003-Amend-MAPREDUCE-2178.-Check-result-of-chdir.patch,
> ac-sys-largefile.patch, mapreduce-2178-test-compile-fix.txt,
> mr-2178-error-on-launch-fail.txt, mr-2178-y20-sortof.patch,
> racy-config-check-test-changes.txt
>
>
> The linux-task-controller executable currently traverses a directory
> heirarchy and calls chown/chmod on the files inside. There is a race
> condition here which can be exploited by an attacker, causing the
> task-controller to improprly chown an arbitrary target file (via a symlink)
> to the user running a MR job. This can be exploited to escalate to root.
> [this issue was raised and discussed on the security@ list over the last
> couple of months]
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
