Excessive directory permissions in MLflow leads to local privilege escalation when using spark_udf.
mlflow
(,)
Excessive directory permissions in MLflow leads to local privilege escalation when using spark_udf. This behavior can be exploited by a local attacker to gain elevated permissions by using a ToCToU attack. The issue is only relevant when the spark_udf() MLflow API is called.
Any MLflow code that uses spark_udf
would be vulnerable to this issue, for example -
from pyspark.sql import SparkSession
spark = SparkSession.builder.appName('SparkFrog').getOrCreate()
predict = mlflow.pyfunc.spark_udf(spark, 'iris_model')
No mitigations are supplied for this issue