Home Verkennen Help
Registreren Inloggen
liuzhangxing
/
hadoop
geforked van apache/hadoop
1
0
Vork 0
Bestanden
Bladeren bron

HADOOP-12344. Improve validateSocketPathSecurity0 error message (Casey Brotherton via Colin P. McCabe)

Colin Patrick Mccabe 9 jaren geleden
bovenliggende
da16c9b3b4
commit
6716f15964
4 gewijzigde bestanden met toevoegingen van 53 en 23 verwijderingen
Zij-aan-zij weergave Toon Diff Stats
  1. 3 0
      hadoop-common-project/hadoop-common/CHANGES.txt
  2. 3 0
      hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/unix/DomainSocket.java
  3. 44 19
      hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
  4. 3 4
      hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java

+ 3 - 0
hadoop-common-project/hadoop-common/CHANGES.txt
Bestand weergeven 

@@ -882,6 +882,9 @@ Release 2.8.0 - UNRELEASED
 
     HADOOP-11104. org.apache.hadoop.metrics2.lib.MetricsRegistry needs numerical
 
     parameter checking. (Ray Chiang via aajisaka)
 
 
+    HADOOP-12344. Improve validateSocketPathSecurity0 error message (Casey
 
+    Brotherton via Colin P. McCabe)
 
+
 
   OPTIMIZATIONS
 
 
     HADOOP-11785. Reduce the number of listStatus operation in distcp

+ 3 - 0
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/unix/DomainSocket.java
Bestand weergeven 

@@ -92,6 +92,9 @@ public class DomainSocket implements Closeable {
 
    * misconfigurations.  System administrators do not commonly change
 
    * permissions on these paths while the server is running.
 
    *
 
+   * For more information on Security exceptions see this wiki page:
 
+   * https://wiki.apache.org/hadoop/SocketPathSecurity
 
+   *
 
    * @param path             the path to validate
 
    * @param skipComponents   the number of starting path components to skip 
    *                         validation for (used only for testing)

+ 44 - 19
hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
Bestand weergeven 

@@ -268,7 +268,7 @@ Java_org_apache_hadoop_net_unix_DomainSocket_validateSocketPathSecurity0(
 
 JNIEnv *env, jclass clazz, jobject jstr, jint skipComponents)
 
 {
 
   jint utfLength;
 
-  char path[PATH_MAX], check[PATH_MAX], *token, *rest;
 
+  char path[PATH_MAX], check[PATH_MAX], *token, *rest, *rest_free;
 
   struct stat st;
 
   int ret, mode, strlenPath;
 
   uid_t uid;
 
@@ -280,6 +280,7 @@ JNIEnv *env, jclass clazz, jobject jstr, jint skipComponents)
 
         "no longer than %zd UTF-8 bytes.", (sizeof(path)-1));
 
     goto done;
 
   }
 
+
 
   (*env)->GetStringUTFRegion(env, jstr, 0, utfLength, path);
 
   path [ utfLength ] = 0;
 
   jthr = (*env)->ExceptionOccurred(env);
 
@@ -304,7 +305,16 @@ JNIEnv *env, jclass clazz, jobject jstr, jint skipComponents)
 
   // last one.  We don't validate the last component, since it's not supposed to
 
   // be a directory.  (If it is a directory, we will fail to create the socket
 
   // later with EISDIR or similar.)
 
-  for (check[0] = '/', check[1] = '\0', rest = path, token = "";
 
+  rest=strdup(path);
 
+  if ( rest == NULL ){
 
+    ret = errno;
 
+    jthr = newIOException(env,"memory allocation failure trying to copy a path"
 
+        " with %d length. error code %d (%s). ", strlenPath, ret, terror(ret));
 
+    goto done;
 
+  };
 
+  rest_free=rest;
 
+
 
+  for (check[0] = '/', check[1] = '\0', token = "";
 
        token && rest && rest[0];
 
        token = strtok_r(rest, "/", &rest)) {
 
     if (strcmp(check, "/") != 0) {
 
@@ -322,36 +332,51 @@ JNIEnv *env, jclass clazz, jobject jstr, jint skipComponents)
 
     }
 
     if (stat(check, &st) < 0) {
 
       ret = errno;
 
-      jthr = newIOException(env, "failed to stat a path component: '%s'.  "
 
-          "error code %d (%s)", check, ret, terror(ret));
 
+      jthr = newIOException(env, "failed to stat a path component: "
 
+          "'%s' in '%s'. error code %d (%s). "
 
+          "Ensure that the path is configured correctly.",
 
+          check, path, ret, terror(ret));
 
       goto done;
 
     }
 
     mode = st.st_mode & 0777;
 
     if (mode & 0002) {
 
-      jthr = newIOException(env, "the path component: '%s' is "
 
-        "world-writable.  Its permissions are 0%03o.  Please fix "
 
-        "this or select a different socket path.", check, mode);
 
+      jthr = newIOException(env, "The path component: '%s' in '%s' has "
 
+         "permissions 0%03o uid %ld and gid %ld. "
 
+         "It is not protected because it "
 
+         "is world-writable. This might help: 'chmod o-w %s'. "
 
+         "For more information: "
 
+         "https://wiki.apache.org/hadoop/SocketPathSecurity",
 
+         check, path, mode, (long long)st.st_uid, (long long)st.st_gid, check);
 
       goto done;
 
     }
 
     if ((mode & 0020) && (st.st_gid != 0)) {
 
-      jthr = newIOException(env, "the path component: '%s' is "
 
-        "group-writable, and the group is not root.  Its permissions are "
 
-        "0%03o, and it is owned by gid %d.  Please fix this or "
 
-        "select a different socket path.", check, mode, st.st_gid);
 
+      jthr = newIOException(env, "The path component: '%s' in '%s' has "
 
+         "permissions 0%03o uid %ld and gid %ld. "
 
+         "It is not protected because it "
 
+         "is group-writable and not owned by root. "
 
+         "This might help: 'chmod g-w %s' or 'chown root %s'. "
 
+         "For more information: "
 
+         "https://wiki.apache.org/hadoop/SocketPathSecurity",
 
+         check, path, mode, (long long)st.st_uid, (long long)st.st_gid,
 
+         check, check);
 
       goto done;
 
     }
 
-    if ((mode & 0200) && (st.st_uid != 0) &&
 
-        (st.st_uid != uid)) {
 
-      jthr = newIOException(env, "the path component: '%s' is "
 
-        "owned by a user who is not root and not you.  Your effective user "
 
-        "id is %d; the path is owned by user id %d, and its permissions are "
 
-        "0%03o.  Please fix this or select a different socket path.",
 
-        check, uid, st.st_uid, mode);
 
-        goto done;
 
+    if ((mode & 0200) && (st.st_uid != 0) && (st.st_uid != uid)) {
 
+      jthr = newIOException(env, "The path component: '%s' in '%s' has "
 
+         "permissions 0%03o uid %ld and gid %ld. "
 
+         "It is not protected because it "
 
+         "is owned by a user who is not root "
 
+         "and not the effective user: '%ld'. "
 
+         "This might help: 'chown root %s' or 'chown %ld %s'. "
 
+         "For more information: "
 
+         "https://wiki.apache.org/hadoop/SocketPathSecurity",
 
+         check, path, mode, (long long)st.st_uid, (long long)st.st_gid,
 
+         (long long)uid, check, (long long)uid, check);
 
       goto done;
 
     }
 
   }
 
 done:
 
+  if ( rest_free ) free(rest_free);
 
   if (jthr) {
 
     (*env)->Throw(env, jthr);
 
   }

+ 3 - 4
hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java
Bestand weergeven 

@@ -712,9 +712,8 @@ public class TestDomainSocket {
 
       try {
 
         testValidateSocketPath(prefix + "/foo/bar/baz", prefix);
 
       } catch (IOException e) {
 
-        GenericTestUtils.assertExceptionContains("/foo' is world-writable.  " +
 
-            "Its permissions are 0707.  Please fix this or select a " +
 
-            "different socket path.", e);
 
+        GenericTestUtils.assertExceptionContains("world-writable" ,e);
 
+        GenericTestUtils.assertExceptionContains("/foo'" ,e);
 
       }
 
       try {
 
         testValidateSocketPath(prefix + "/nope", prefix);
 
@@ -723,7 +722,7 @@ public class TestDomainSocket {
 
             "component: ", e);
 
       }
 
       // Root should be secure
 
-      DomainSocket.validateSocketPathSecurity0("/foo", 1);
 
+      DomainSocket.validateSocketPathSecurity0("/foo", 0);
 
     } finally {
 
       tmp.close();
 
     }