[
https://issues.apache.org/jira/browse/YARN-578?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13642524#comment-13642524
]
Omkar Vinit Joshi commented on YARN-578:
----------------------------------------
There are 3 issues related to symlink attacks in serving logs and ShuffleService:
* Index file (file.out.index) :- [Location - SpillRecord.SpillRecord() -
FSDataInputStream] Here we are directly trying to read from the file.out.index
file. (So the potential problem is that ShuffleHandler may end up reading
files of the yarn user or yarn group user.) [yarn:yarn is running nodemanager]
* Map output file (file.out) :- [Location - ShuffleHandler.sendMapOutput() -
RandomAccessFile] Here too we are directly accessing the file.out file.
* Container Logs :- [Location - ContainerLogsPage.printLogs() - FileInputStream]
Here we are directly accessing container logs as the yarn:yarn user.

At present SecureIOUtils supports only FileInputStream, so I am adding support
for 2 more streams, FSDataInputStream (this is required if you want a stream to
be position readable or seekable) and RandomAccessFile. Filing a separate JIRA
for this: HADOOP-9511.
> NodeManager should use SecureIOUtils for serving logs and intermediate outputs
> ------------------------------------------------------------------------------
>
> Key: YARN-578
> URL: https://issues.apache.org/jira/browse/YARN-578
> Project: Hadoop YARN
> Issue Type: Sub-task
> Components: nodemanager
> Reporter: Vinod Kumar Vavilapalli
> Assignee: Omkar Vinit Joshi
>
> Log servlets for serving logs and the ShuffleService for serving intermediate
> outputs both should use SecureIOUtils for avoiding symlink attacks.
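The kind of check the issue asks for, sketched as an added example (not Hadoop's SecureIOUtils code and not part of the original comment): open the path first, then compare the owner reported by fstat() on the open descriptor with the user the file is supposed to belong to. The function name, the uids and the file names other than file.out are constructed for the illustration.

```python
import os
import tempfile


class OwnerMismatch(Exception):
    """The opened file does not belong to the expected user."""


def open_for_read_checked(path, expected_uid):
    """Open path, then check the owner on the open descriptor.

    fstat() describes the file that was actually opened, so a symlink that
    redirects the path to another user's file fails the owner check, and
    there is no window between the check and the open.
    """
    fd = os.open(path, os.O_RDONLY)
    try:
        st = os.fstat(fd)
        if st.st_uid != expected_uid:
            raise OwnerMismatch(
                f"{path}: owned by uid {st.st_uid}, expected {expected_uid}")
    except BaseException:
        os.close(fd)
        raise
    return os.fdopen(fd, "rb")


def demo():
    """Constructed scenario; runs unprivileged in a temporary directory."""
    daemon_uid = os.getuid()      # stands in for the yarn user
    job_uid = daemon_uid + 1      # constructed uid standing in for the job user
    with tempfile.TemporaryDirectory() as d:
        secret = os.path.join(d, "daemon-only.txt")   # owned by the daemon
        with open(secret, "wb") as f:
            f.write(b"daemon secret")
        link = os.path.join(d, "file.out")            # symlink in place of map output
        os.symlink(secret, link)
        try:
            # The daemon expects file.out to belong to the job user.
            open_for_read_checked(link, job_uid).close()
            rejected = False
        except OwnerMismatch:
            rejected = True
        # A file whose owner matches the expected uid is served normally.
        with open_for_read_checked(secret, daemon_uid) as f:
            return rejected, f.read()


if __name__ == "__main__":
    print(demo())
```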