[jira] [Commented] (ACCUMULO-2806) Accumulo init should ensure wals and tables are not world readable

Thu, 15 May 2014 08:56:33 -0700 

    [ 
https://issues.apache.org/jira/browse/ACCUMULO-2806?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13997967#comment-13997967
 ] 

Christopher Tubbs commented on ACCUMULO-2806:
---------------------------------------------

To retain the existing behavior on 1.5 and 1.6, for clients reading the 
instance_id directly from HDFS (eg. the shell) instead of using client 
arguments/configuration to get that information from ZooKeeper, any fix for 
those versions should only lock down the wals and tables directories as this 
ticket describes. When client configuration options become available to 
instantiate a shell without arguments, we can revisit locking down the 
top-level HDFS directory.

> Accumulo init should ensure wals and tables are not world readable
> ------------------------------------------------------------------
>
>                 Key: ACCUMULO-2806
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-2806
>             Project: Accumulo
>          Issue Type: Bug
>    Affects Versions: 1.5.0, 1.5.1, 1.6.0
>            Reporter: Sean Busbey
>            Assignee: Sean Busbey
>            Priority: Critical
>             Fix For: 1.5.2, 1.6.1, 1.7.0
>
>
> Just did an init on a new 1.6.1-SNAP cluster, and noticed the following 
> permissions:
> {noformat}
> dfs -ls /
> Found 4 items
> drwxr-xr-x   - accumulo supergroup          0 2014-05-14 09:48 /accumulo
> drwxr-xr-x   - hdfs     supergroup          0 2014-05-14 08:10 /jobtracker
> drwxrwxrwx   - hdfs     supergroup          0 2014-05-14 08:10 /tmp
> drwxr-xr-x   - hdfs     supergroup          0 2014-05-14 09:48 /user
> -bash-4.1$ hdfs dfs -ls /accumulo
> Found 3 items
> drwxr-xr-x   - accumulo supergroup          0 2014-05-14 09:55 
> /accumulo/instance_id
> drwxr-xr-x   - accumulo supergroup          0 2014-05-14 09:55 
> /accumulo/tables
> drwxr-xr-x   - accumulo supergroup          0 2014-05-14 09:55 
> /accumulo/version
> {noformat}
> I previously set up /accumulo as 755, under the understanding that clients 
> need access to /accumulo/instance_id
> things to fix
> # make init chmod tables and wals to 700, as a defensive measure to avoid 
> data leaks
> # maybe also make sure if the trash is enabled that our user directory is 
> also not world readable
> # If clients don't need access to instance_id, include a check that the data 
> dir is not world readable
> Workaround: manually change permissions after init



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to