authorAmar Tumballi <amarts@redhat.com>2018-11-06 22:38:17 +0530
committerShyamsundar Ranganathan <srangana@redhat.com>2018-11-08 15:48:54 +0000
commit7462a4dd92ea97b399d2321973ecdff0791ce3bd (patch)
treef5e803bcc8e99c2a4536f277fa39b94559ebf05c
parent2308c6368cc08b38021acd228f461ce45a2a15c6 (diff)
io-stats: prevent taking file dump on server side
By allowing clients to take a dump into a file on the brick process, we allow compromised clients to create io-stats dumps on the server, which can exhaust all the available inodes. Fixes: CVE-2018-14659 Fixes: bz#1647665 Change-Id: I32bfde9d4fe646d819a45e627805b928cae2e1ca Signed-off-by: Amar Tumballi <amarts@redhat.com>
-rw-r--r--xlators/debug/io-stats/src/io-stats.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/xlators/debug/io-stats/src/io-stats.c b/xlators/debug/io-stats/src/io-stats.c
index 4c6b91dcdc9..3ea0ccdf3d6 100644
--- a/xlators/debug/io-stats/src/io-stats.c
+++ b/xlators/debug/io-stats/src/io-stats.c
@@ -2925,6 +2925,15 @@ conditional_dump(dict_t *dict, char *key, data_t *value, void *data)
this = stub->this;
conf = this->private;
+ /* Don't do this on 'brick-side', only do this on client side */
+ /* Addresses CVE-2018-14659 */
+ if (this->ctx->process_mode != GF_CLIENT_PROCESS) {
+ gf_log(this->name, GF_LOG_DEBUG,
+ "taking io-stats dump using setxattr not permitted on brick."
+ " Use 'gluster profile' instead");
+ return -1;
+ }
+
/* Create a file name that is appended with the io-stats instance
name as well. This helps when there is more than a single io-stats
instance in the graph, or the client and server processes are running