RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1537019 - Make pcs run "corosync -v" probe under unprivileged user (hacluster?) to avoid DDoS'ing unpatched corosync+libqb combo
Summary: Make pcs run "corosync -v" probe under unprivileged user (hacluster?) to avoi...
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: pcs
Version: 7.5
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: rc
: ---
Assignee: Tomas Jelinek
QA Contact: cluster-qe@redhat.com
URL:
Whiteboard:
Depends On: 1539939
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-01-22 09:40 UTC by Jan Pokorný [poki]
Modified: 2021-02-15 07:34 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-02-15 07:34:47 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1536219 0 urgent CLOSED corosync crashing on afc cluster running SAS Calibration 2021-06-10 14:16:24 UTC

Internal Links: 1536219

Description Jan Pokorný [poki] 2018-01-22 09:40:03 UTC 
Upstream report (let's discuss over there):
https://github.com/ClusterLabs/pcs/issues/158
Comment 1 Jan Pokorný [poki] 2018-01-30 09:18:41 UTC 
Note that this bug should be treated as urgent only as long as the
pcs-based management is arranged such that fix on the controlling side
(assumed to contain a fix for this) can influence the controlled side
(not necessarily containing the fix) so that it won't run "corosync -v"
as root.  Otherwise, this is just a low-prio specific item of
[bug 1539939], as the proper fix is to arrive at corosync and perhaps
libqb side -- [bug 1536219] and [bug 1539936], respectively, which
will have fixed the original trigger in the particular minor release
fully.
Comment 2 Tomas Jelinek 2018-01-31 08:18:10 UTC 
The root cause is being fixed in bz1536219.

Based on that and Jan's reasoning (a fixed controlling side cannot influence a controlled side to make it run "corosync -v" as root) I am lowering the priority of this bz.
Comment 3 Jan Pokorný [poki] 2018-02-07 10:53:42 UTC 
Apparently, hacluster user is unprivileged only as long as pacemaker
(and perhaps not alone) package is _not_ involved, and actually holds
some possibly sensitive files.

Therefore, it might make sense for pcs to (dynamically if possible)
define it's own unprivileged user that will assuredly have limited
permissions and next to no files under possesion
(relying on predefined "nobody" is wrong on multiple levels).
Comment 6 RHEL Program Management 2021-02-15 07:34:47 UTC 
After evaluating this issue, there are no plans to address it further or fix it in an upcoming release.  Therefore, it is being closed.  If plans change such that this issue will be fixed in an upcoming release, then the bug can be reopened.
Note You need to log in before you can comment on or make changes to this bug.