aurora-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stephan Erb <s...@apache.org>
Subject Re: Review Request 51348: Fix thermos killing heuristic to permit setuid(2).
Date Tue, 23 Aug 2016 21:36:42 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/51348/#review146578
-----------------------------------------------------------


Ship it!




Ship It!

- Stephan Erb


On Aug. 23, 2016, 10:45 p.m., Zameer Manji wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/51348/
> -----------------------------------------------------------
> 
> (Updated Aug. 23, 2016, 10:45 p.m.)
> 
> 
> Review request for Aurora, Joshua Cohen and Stephan Erb.
> 
> 
> Bugs: AURORA-1753
>     https://issues.apache.org/jira/browse/AURORA-1753
> 
> 
> Repository: aurora
> 
> 
> Description
> -------
> 
> Previously this process killing heuristic would not allow killing of a process
> if the uid it was launched with differs from the real uid of the currently
> running process. The logic is too conservative because it doesn't factor in
> that a process launched as root can use `setuid(2)` to change it's real uid.
> 
> This patch fixes the heuristic by permitting killing of a process launched as
> root but the real uid is now not root.
> 
> 
> Diffs
> -----
> 
>   src/main/python/apache/thermos/core/helper.py dda40ed71bf8d26255cdb76eae29a5978a120d41

>   src/test/python/apache/thermos/core/test_helper.py 35397abd3ec769788f166088e5455c28bb120459

> 
> Diff: https://reviews.apache.org/r/51348/diff/
> 
> 
> Testing
> -------
> 
> 
> Thanks,
> 
> Zameer Manji
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message