-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58671/
-----------------------------------------------------------
Review request for Ambari, Aravindan Vijayan, Di Li, and Vitalyi Brodetskyi.
Bugs: AMBARI-20825
https://issues.apache.org/jira/browse/AMBARI-20825
Repository: ambari
Description
-------
ambari-server/src/main/resources/scripts/check_ambari_permissions.py script
introduced in branch 2.5.0 and published here
(https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.5.0)
to solve Public Vulnerability:
https://nvd.nist.gov/vuln/detail/CVE-2017-5642 work sonly partially.
There is a bug and it only handles the last directory/file when there are
multiple directories/files listed.
So the vulnerability is not totally resolved.
For example files under /etc/ambari-server/conf/ such as ambari.properties are
not revised
Diffs
-----
ambari-server/src/main/resources/scripts/check_ambari_permissions.py 638f65f
Diff: https://reviews.apache.org/r/58671/diff/1/
Testing
-------
Manual testing on a 2.4.2 cluster with permission issues
Thanks,
Juanjo Marron
