Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-11137

put up guard rails around pid and log file handling

VotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Won't Fix
    • None
    • None
    • scripts, security

    Description

      We should do a better job of protecting against symlink attacks in the pid and log file handling code:

      a) Change the default location to have a user or id.str component
      b) Check to make sure a pid file is actually a pid file (single line, nothing but numbers)

      ... maybe other stuff?

      Attachments

        Issue Links

        duplicates

        Bug - A problem which impairs or prevents the functions of the product. HADOOP-8461 Programatically prevent symlink attacks on hadoop pid files

        • Major - Major loss of function.
        • Resolved
        is related to

        Bug - A problem which impairs or prevents the functions of the product. HADOOP-11010 Post-9902 "Umbrella" JIRA

        • Major - Major loss of function.
        • Resolved

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            Unassigned Unassigned
            aw Allen Wittenauer
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment