aurora-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Zameer Manji <zma...@apache.org>
Subject Review Request 51348: Fix thermos killing heuristic to permit setuid(2).
Date Tue, 23 Aug 2016 20:45:18 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/51348/
-----------------------------------------------------------

Review request for Aurora, Joshua Cohen and Stephan Erb.


Bugs: AURORA-1753
    https://issues.apache.org/jira/browse/AURORA-1753


Repository: aurora


Description
-------

Previously this process killing heuristic would not allow killing of a process
if the uid it was launched with differs from the real uid of the currently
running process. The logic is too conservative because it doesn't factor in
that a process launched as root can use `setuid(2)` to change it's real uid.

This patch fixes the heuristic by permitting killing of a process launched as
root but the real uid is now not root.


Diffs
-----

  src/main/python/apache/thermos/core/helper.py dda40ed71bf8d26255cdb76eae29a5978a120d41 
  src/test/python/apache/thermos/core/test_helper.py 35397abd3ec769788f166088e5455c28bb120459


Diff: https://reviews.apache.org/r/51348/diff/


Testing
-------


Thanks,

Zameer Manji


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message