Red Hat Bugzilla – Bug 974624
remote-host switch allows an untrusted host to manage the trusted pool
Last modified: 2015-10-08 10:48:30 EDT
Description of problem:
client1# gluster --remote-host=server1 peer probe client1
which allows any host to add itself to the trusted peer group, or manage volumes, etc.
Any command is successful.
Untrusted hosts should not be trusted.
Use iptables to manage connectivity to the management port
'gluster --remote-host' is just insecure in its current implementation. There really is no need to even do a 'peer probe' first for malicious actions, when you can just do something like this :
gluster --remote-host=server1 volume info
gluster --remote-host=server1 volume stop myvol
gluster --remote-host=server1 volume delete myvol
No 'peer probe' needed.
*At the very least*, glusterd should restrict non-members to read-only operations (e.g. info, getspec). More generally, we should fix any remaining issues that prevent using SSL for glusterd, and protect all connections to glusterd using SSL certificates. If desired, we could implement a "bootstrap" process by which cluster members generate/acquire these certificates automatically, so the additional protection would be practically invisible to them.
GlusterFS 3.7.0 has been released (http://www.gluster.org/pipermail/gluster-users/2015-May/021901.html), and the Gluster project maintains N-2 supported releases. The last two releases before 3.7 are still maintained, at the moment these are 3.6 and 3.5.
This bug has been filed against the 3,4 release, and will not get fixed in a 3.4 version any more. Please verify if newer versions are affected with the reported problem. If that is the case, update the bug with a note, and update the version if you can. In case updating the version is not possible, leave a comment in this bug report with the version you tested, and set the "Need additional information the selected bugs from" below the comment box to "email@example.com".
If there is no response by the end of the month, this bug will get automatically closed.
GlusterFS 3.4.x has reached end-of-life.
If this bug still exists in a later release please reopen this and change the version or open a new bug.