[ https://issues.apache.org/jira/browse/HADOOP-18235?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17678275#comment-17678275 ]
ASF GitHub Bot commented on HADOOP-18235: ----------------------------------------- steveloughran commented on PR #4998: URL: https://github.com/apache/hadoop/pull/4998#issuecomment-1387207281 where are we with this patch? can/should we get it into 3.3.5 > vulnerability: we may leak sensitive information in LocalKeyStoreProvider > -------------------------------------------------------------------------- > > Key: HADOOP-18235 > URL: https://issues.apache.org/jira/browse/HADOOP-18235 > Project: Hadoop Common > Issue Type: Bug > Reporter: lujie > Assignee: Clay B. > Priority: Critical > Labels: pull-request-available > > Currently, we implement flush like: > {code:java} > // public void flush() throws IOException { > super.flush(); > if (LOG.isDebugEnabled()) { > LOG.debug("Resetting permissions to '" + permissions + "'"); > } > if (!Shell.WINDOWS) { > Files.setPosixFilePermissions(Paths.get(file.getCanonicalPath()), > permissions); > } else { > // FsPermission expects a 10-character string because of the leading > // directory indicator, i.e. "drwx------". The JDK toString method > returns > // a 9-character string, so prepend a leading character. > FsPermission fsPermission = FsPermission.valueOf( > "-" + PosixFilePermissions.toString(permissions)); > FileUtil.setPermission(file, fsPermission); > } > } {code} > we wirite the Credential first, then set permission. > The correct order is setPermission first, then write Credential . > Otherswise, we may leak Credential . For example, the origin perms of file is > 755(default on linux), when the Credential is flushed, Credential can be > leaked when > > 1)between flush and setPermission, others have a chance to access the file. > 2) CredentialShell(or the machine node ) crash between flush and > setPermission, the file permission is 755 for ever before we run the > CredentialShell again. > -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org