[core][state][log] Cherry pick changes to prevent state API from reading files outside the Ray log directory #41520

Merged

@edoakes (Contributor) commented Nov 30, 2023

Why are these changes needed?

Cherry-pick two related PRs:

Related issue number

Checks

  • I've signed off every commit (by using the -s flag, i.e., git commit -s) in this PR.
  • I've run scripts/format.sh to lint the changes in this PR.
  • I've included any doc changes needed for https://docs.ray.io/en/master/.
    • I've added any new APIs to the API Reference. For example, if I added a
      method in Tune, I've added it in doc/source/tune/api/ under the
      corresponding .rst file.
  • I've made sure the tests are passing. Note that there might be a few flaky tests, see the recent failures at https://flakey-tests.ray.io/
  • Testing Strategy
    • Unit tests
    • Release tests
    • This PR is not tested :(

rickyyx and others added 2 commits November 29, 2023 20:49
…f the ray log directory on all ray nodes. (ray-project#41467)

State API log retrieval has a security bug where one could pass:

  • relative paths like "../../../xxx" to get a file outside of Ray's log dir
  • an absolute path that refers to other files to get a file somewhere else.

This PR fixes both issues such that one could only read logs under the Ray logs directory.

---------

Signed-off-by: rickyyx <rickyx@anyscale.com>
Signed-off-by: Edward Oakes <ed.nmi.oakes@gmail.com>
…e `root_log_dir` when resolving paths (ray-project#41502)

Follow-up to: ray-project#41467. The change incidentally broke log retrieval on macOS because /tmp is a symlink to /private/tmp.

This PR avoids resolving the symlink until after we do the subdir check. This solves the macOS problem and generically enables file paths that contain symlinks outside of the root_log_dir.

---------

Signed-off-by: Edward Oakes <ed.nmi.oakes@gmail.com>
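
An added example (not code from this PR or from Ray) of the check the two commit messages describe: decide containment on the lexically normalized path, then resolve symlinks. The helper name `resolve_log_path` and the temporary directory layout are hypothetical and constructed for illustration.

```python
import os
import tempfile
from pathlib import Path


def resolve_log_path(root_log_dir, requested):
    """Return the real path of `requested` if it lies under `root_log_dir`.

    Hypothetical helper: containment is checked on the lexically normalized
    path first; symlinks are resolved only afterwards.
    """
    root = Path(os.path.abspath(root_log_dir))  # collapses "..", keeps symlinks
    # os.path.join drops `root` when `requested` is absolute, so absolute and
    # relative requests go through the same containment check.
    candidate = Path(os.path.abspath(os.path.join(root, requested)))
    if candidate != root and root not in candidate.parents:
        raise PermissionError(f"{requested!r} is outside the log directory")
    return candidate.resolve()


def demo():
    """Constructed layout: `tmp` is a symlink to `private_tmp`, like macOS /tmp."""
    base = Path(tempfile.mkdtemp()).resolve()
    logs = base / "private_tmp" / "ray" / "logs"
    logs.mkdir(parents=True)
    (logs / "worker.out").write_text("ok\n")
    (base / "private_tmp" / "secret.txt").write_text("not a log\n")
    os.symlink(base / "private_tmp", base / "tmp")
    root = base / "tmp" / "ray" / "logs"  # root reached through the symlink

    requests = [
        "worker.out",                      # plain relative name
        str(root / "worker.out"),          # absolute, inside root
        "../../secret.txt",                # relative traversal
        str(base / "tmp" / "secret.txt"),  # absolute, outside root
        "sub/../../../secret.txt",         # traversal hidden behind a subdir
    ]
    results = {}
    for req in requests:
        try:
            results[req] = str(resolve_log_path(root, req))
        except PermissionError:
            results[req] = "DENIED"
    return base, results


if __name__ == "__main__":
    for req, outcome in demo()[1].items():
        print(f"{req!r:60} -> {outcome}")
```

Because containment is decided on the unresolved path, a symlink placed inside the log directory is followed to wherever it points, which is the behaviour the second commit message describes.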
@aslonnie (Collaborator) left a comment

Test results look good to me so far.

@aslonnie (Collaborator)

@edoakes are there going to be more changes, or is this ready to merge?

@pcmoritz (Contributor)

Since this is just cherry picking the PRs, I think we can just merge it whenever the tests look good -- I also kicked off the macOS ones but we probably don't need to block on that :)

@pcmoritz pcmoritz merged commit 7459639 into ray-project:releases/2.8.1 Nov 30, 2023
47 of 58 checks passed
@edoakes (Contributor, Author) commented Nov 30, 2023

No further changes from me, thanks!
