The encryption key/secret used to encrypt the intermediate data generated by an Apache Hadoop MapReduce job is stored as a token in the job's credentials and is subsequently serialized to disk (without any additional encryption/protection) into the machine's local dirs. A malicious user who has access to this credentials file can load the tokens from the file, read the secret and then decrypt the intermediate data, which is also stored in the machine's local dirs. External reference: http://seclists.org/oss-sec/2016/q1/344
Created hadoop tracking bugs for this issue: Affects: fedora-all [bug 1308836]
This vulnerability applies to a feature added to Hadoop in 2.6.x versions, which are not available in Fedora, which currently packages 2.4.1. The workaround is to avoid using this feature. The vulnerability is addressed in 2.7.x.
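A configuration audit for the issue described above, added here as an example and not code from the report or from Hadoop: it parses a constructed mapred-site.xml, flags the intermediate-data encryption property when it is enabled on a release before 2.7, and, as an added hardening heuristic the report does not prescribe, flags local dirs readable by group or others. The two property names are Hadoop's own; the sample config, version cut-off handling and helper functions are assumptions of this example.

```python
import os, re, stat, tempfile
import xml.etree.ElementTree as ET

# Real MapReduce property names; the audit logic and the sample mapred-site.xml
# fragment below are constructed for this example, not taken from Hadoop.
ENCRYPT_KEY = "mapreduce.job.encrypted-intermediate-data"
LOCAL_DIRS_KEY = "mapreduce.cluster.local.dir"
FIXED_VERSION = (2, 7, 0)  # the report says the issue is addressed in 2.7.x

SAMPLE_MAPRED_SITE = """<configuration>
  <property><name>mapreduce.job.encrypted-intermediate-data</name><value>true</value></property>
  <property><name>mapreduce.cluster.local.dir</name><value>/tmp/hadoop-local-a,/tmp/hadoop-local-b</value></property>
</configuration>
"""

def parse_hadoop_conf(xml_text):
    # {name: value} for every <property> in a Hadoop *-site.xml
    root = ET.fromstring(xml_text)
    return {p.findtext("name").strip(): (p.findtext("value") or "").strip()
            for p in root.findall("property") if p.findtext("name")}

def parse_version(version):
    """'2.6.0' -> (2, 6, 0); '2.7.1-foo' -> (2, 7, 1); missing parts are 0."""
    parts = [int(p) for p in re.findall(r"\d+", version)[:3]]
    return tuple(parts + [0] * (3 - len(parts)))

def check_feature(conf, hadoop_version):
    # Feature enabled on a release before the fix: key lands unprotected on disk.
    if conf.get(ENCRYPT_KEY, "false").lower() == "true" and \
            parse_version(hadoop_version) < FIXED_VERSION:
        return [f"{ENCRYPT_KEY}=true on Hadoop {hadoop_version}: job key is "
                "serialized unprotected to local dirs; disable or upgrade to 2.7.x"]
    return []

def check_local_dirs(dirs):
    # Hardening heuristic (assumption): group/world-readable local dirs widen
    # who can read the serialized credentials and the spilled intermediate data.
    findings = []
    for d in (d for d in dirs if os.path.isdir(d)):
        mode = os.stat(d).st_mode & 0o777
        if mode & (stat.S_IRGRP | stat.S_IROTH):
            findings.append(f"{d} is group/world readable (mode {oct(mode)})")
    return findings

def audit(conf, hadoop_version):
    dirs = [d.strip() for d in conf.get(LOCAL_DIRS_KEY, "").split(",") if d.strip()]
    return check_feature(conf, hadoop_version) + check_local_dirs(dirs)

def temp_local_dir(mode):
    # Scratch directory with the given mode, for exercising check_local_dirs.
    path = tempfile.mkdtemp()
    os.chmod(path, mode)
    return path
```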