[
https://issues.apache.org/jira/browse/HADOOP-13079?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15272403#comment-15272403
]
Allen Wittenauer commented on HADOOP-13079:
-------------------------------------------
bq. The fact that one component has a security bug
It's not a security bug for the reasons you think it's a security bug. After
all, wc, find, du, ... tons of other UNIX commands will happily print out
terminal escape sequences with no option to turn them off. It is, however,
problematic for traditional ftpd implementations since it's a great way to
inject buffer overflows and then get root on a remote server.
bq. "Should the filename be able use control characters to hijack the admin's
GNU screen session and execute arbitrary code? I would say no, what do you say?"
... and my answer is the same as it was almost a decade ago, in some HDFS JIRA
somewhere, where a related topic came up before: HDFS would be better served by
having a limit on what consists of a legal file and directory name. With an
unlimited namespace, it's impossible to test against and impossible to protect
every scenario in which oddball characters show up. What's legal in one locale
may not be legal in another.
bq. However, it is not constructive to -1 a patch fixing a security
vulnerability without suggesting an alternate way of fixing that vulnerability.
Again: this is not fixing a security vulnerability.
bq. If this stays unfixed, it will probably get a CVE number.
Speaking of, have you located a CVE for GNU ls yet? I mean, if this 'ls
printing terminal control characters' is a security problem, surely there would
be a CVE for it and du and wc and ...
Also, are you prepared to file a CVE for *every* *single* *time* Hadoop prints
out a directory or file name to the screen? There are probably hundreds if not
thousands of places, obvious ones like 'fs -count' and less obvious ones like
'yarn logs'. This is a 'tilting at windmills' problem. It is MUCH better to
have ls blow up than be taken by surprise by something else later on.
> dfs -ls -q prints non-printable characters
> ------------------------------------------
>
> Key: HADOOP-13079
> URL: https://issues.apache.org/jira/browse/HADOOP-13079
> Project: Hadoop Common
> Issue Type: Bug
> Affects Versions: 2.6.0
> Reporter: John Zhuge
> Assignee: John Zhuge
>
> Add option {{-q}} to "hdfs dfs -ls" to print non-printable characters as "?".
> Non-printable characters are defined by
> [isprint(3)|http://linux.die.net/man/3/isprint] according to the current
> locale.
> Default to {{-q}} behavior on terminal; otherwise, print raw characters. See
> the difference in these 2 command lines:
> * {{hadoop fs -ls /dir}}
> * {{hadoop fs -ls /dir | od -c}}
> In C, {{isatty(STDOUT_FILENO)}} is used to find out whether the output is a
> terminal. Since Java doesn't have {{isatty}}, I will use JNI to call C
> {{isatty()}} because the closest test {{System.console() == null}} does not
> work in some cases.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
