From c93ade55ce9794952b372b91aff7bc380b49fd52 Mon Sep 17 00:00:00 2001 From: Amar Tumballi Date: Sun, 7 Oct 2018 11:45:35 +0530 Subject: [PATCH 394/399] io-stats: prevent taking file dump on server side By allowing clients taking dump in a file on brick process, we are allowing compromised clients to create io-stats dumps on server, which can exhaust all the available inodes. Fixes: CVE-2018-14659 BUG: 1636305 Change-Id: I64fc530363b78f849011eb3c91355566ee0c485b Signed-off-by: Amar Tumballi Reviewed-on: https://code.engineering.redhat.com/gerrit/152024 Reviewed-by: Sunil Kumar Heggodu Gopala Acharya --- xlators/debug/io-stats/src/io-stats.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/xlators/debug/io-stats/src/io-stats.c b/xlators/debug/io-stats/src/io-stats.c index 16a11df..0f71334 100644 --- a/xlators/debug/io-stats/src/io-stats.c +++ b/xlators/debug/io-stats/src/io-stats.c @@ -3022,6 +3022,15 @@ conditional_dump (dict_t *dict, char *key, data_t *value, void *data) stub = data; this = stub->this; + /* Don't do this on 'brick-side', only do this on client side */ + /* Addresses CVE-2018-14659 */ + if (this->ctx->process_mode != GF_CLIENT_PROCESS) { + gf_log(this->name, GF_LOG_DEBUG, + "taking io-stats dump using setxattr not permitted on brick." + " Use 'gluster profile' instead"); + return -1; + } + /* Create a file name that is appended with the io-stats instance name as well. This helps when there is more than a single io-stats instance in the graph, or the client and server processes are running -- 1.8.3.1