aurora-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stephan Erb (JIRA)" <j...@apache.org>
Subject [jira] [Created] (AURORA-1641) Shell health checker is running as root
Date Tue, 15 Mar 2016 22:22:33 GMT
Stephan Erb created AURORA-1641:
-----------------------------------

             Summary: Shell health checker is running as root
                 Key: AURORA-1641
                 URL: https://issues.apache.org/jira/browse/AURORA-1641
             Project: Aurora
          Issue Type: Story
          Components: Executor, Security
            Reporter: Stephan Erb
            Priority: Blocker


As the operator of an Aurora cluster, I have to guarantee that users can run commands only
with the privileges of their {{role}}. The new health checker feature is risky in that regard,
as it runs all health check commands with the privileges of the Thermos runner. In most common
deployments this is root.

The Thermos runner supports various means for setting the uid/user/role that is used to run
user processes. The same configuration should also apply to the user-defined health checking
command.




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message