Re: Review Request 57625: Minor refactoring and clean up in ambari-server

Robert Levas Wed, 15 Mar 2017 06:51:41 -0700

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/57625/#review169004
-----------------------------------------------------------



Fix it, then Ship it!




Ship It!


ambari-server/src/main/assemblies/server.xml
Lines 376 (patched)
<https://reviews.apache.org/r/57625/#comment241332>

    This could be '644' since it is a txt file and does not need to be 
executable. But 755 will suffice.  Maybe if you make other changes and you 
remember, you change this.



ambari-server/src/main/java/org/apache/ambari/server/security/CertificateManager.java
Lines 166-167 (patched)
<https://reviews.apache.org/r/57625/#comment241333>

    This is really dangerous and could be considered a security issue.  Same 
with the previous `runcommand` calls.  We need to see what happens if 
`security.server.keys_dir` is set to something like
    
    ```
    ;touch /tmp/security_issue;
    ```


- Robert Levas


On March 14, 2017, 6:35 p.m., Vitalyi Brodetskyi wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/57625/
> -----------------------------------------------------------
> 
> (Updated March 14, 2017, 6:35 p.m.)
> 
> 
> Review request for Ambari, Robert Levas, Sumit Mohanty, Sid Wagle, and Yusaku 
> Sako.
> 
> 
> Bugs: AMBARI-20453
>     https://issues.apache.org/jira/browse/AMBARI-20453
> 
> 
> Repository: ambari
> 
> 
> Description
> -------
> 
> Minor refactoring and clean up in ambari-server
> 
> 
> Diffs
> -----
> 
>   ambari-server/src/main/assemblies/server.xml 768ba68 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/CertificateManager.java
>  8d54acb 
>   ambari-server/src/main/package/rpm/postinstall.sh 1e8e0f0 
>   ambari-server/src/main/python/ambari_server/resourceFilesKeeper.py 188f3ff 
>   ambari-server/src/main/python/ambari_server/serverConfiguration.py 3dd165b 
>   ambari-server/src/main/resources/scripts/check_ambari_permissions.py 
> PRE-CREATION 
> 
> 
> Diff: https://reviews.apache.org/r/57625/diff/1/
> 
> 
> Testing
> -------
> 
> mvn clean test
> 
> 
> Thanks,
> 
> Vitalyi Brodetskyi
> 
>

Re: Review Request 57625: Minor refactoring and clean up in ambari-server

Reply via email to