Subject: svn commit: r1077683 - in /hadoop/common/branches/branch-0.20-security-patches/src/mapred/org/apache/hadoop/mapred: LinuxTaskController.java TaskController.java
Date: Fri, 04 Mar 2011 04:44:04 -0000
To: common-commits@hadoop.apache.org
From: omalley@apache.org

Author: omalley
Date: Fri Mar 4 04:44:04 2011
New Revision: 1077683

URL: http://svn.apache.org/viewvc?rev=1077683&view=rev
Log:
commit b9e954c8cf62cbb6117ef5a97628ab58eb531453
Author: Devaraj Das
Date: Fri Sep 17 00:37:12 2010 -0700

: Fixes task log servlet vulnerabilities via symlinks. Contributed by Todd Lipcon and Devaraj Das.

+++ b/YAHOO-CHANGES.txt + : Fixes task log servlet vulnerabilities via symlinks. + (Todd Lipcon and Devaraj Das) + + , : Write task initialization to avoid race conditions + leading to privilege escalation and resource leakage by performing more acti + as the user. Owen O'Malley, Devaraj Das, Chris Douglas +

Modified: hadoop/common/branches/branch-0.20-security-patches/src/mapred/org/apache/hadoop/mapred/LinuxTaskController.java hadoop/common/branches/branch-0.20-security-patches/src/mapred/org/apache/hadoop/mapred/TaskController.java

Modified: hadoop/common/branches/branch-0.20-security-patches/src/mapred/org/apache/hadoop/mapred/LinuxTaskController.java URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/mapred/org/apache/hadoop/mapred/LinuxTaskController.java?rev=1077683&r1=1077682&r2=1077683&view=diff ============================================================================== --- hadoop/common/branches/branch-0.20-security-patches/src/mapred/org/apache/hadoop/mapred/LinuxTaskController.java (original) +++ hadoop/common/branches/branch-0.20-security-patches/src/mapred/org/apache/hadoop/mapred/LinuxTaskController.java Fri Mar 4 04:44:04 2011 
@@ -317,5 +317,10 @@ class LinuxTaskController extends TaskCo } } } + + @Override + public String getRunAsUser(JobConf conf) { + return conf.getUser(); + } } Modified: hadoop/common/branches/branch-0.20-security-patches/src/mapred/org/apache/hadoop/mapred/TaskController.java URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/mapred/org/apache/hadoop/mapred/TaskController.java?rev=1077683&r1=1077682&r2=1077683&view=diff ============================================================================== --- hadoop/common/branches/branch-0.20-security-patches/src/mapred/org/apache/hadoop/mapred/TaskController.java (original) +++ hadoop/common/branches/branch-0.20-security-patches/src/mapred/org/apache/hadoop/mapred/TaskController.java Fri Mar 4 04:44:04 2011 @@ -169,6 +169,13 @@ public abstract class TaskController imp } } } + + /** + * Returns the local unix user that a given job will run as. + */ + public String getRunAsUser(JobConf conf) { + return System.getProperty("user.name"); + } //Write the JVM command line to a file under the specified directory // Note that the JVM will be launched using a setuid executable, and
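Review bot: In the LinuxTaskController.java hunk, `getRunAsUser` returns `conf.getUser()` with no null or empty check, so a JobConf that carries no user name hands `null` back to the caller as the account the job should run as. Since the result names a local unix user, I would fail fast here (throw if the value is null or empty) instead of leaving every caller to handle it. The override also has no comment of its own; a line saying that the run-as user is taken from the job configuration, and where that field is expected to have been set, would make the trust assumption visible at the point it is relied on.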
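Review bot: In the TaskController.java hunk, the base `getRunAsUser(JobConf conf)` ignores its `conf` argument and returns `System.getProperty("user.name")`, which is the account of the JVM itself, while the Javadoc only says "the local unix user that a given job will run as". Because the class is abstract but this method is concrete, a controller subclass that forgets to override it silently reports the daemon's own user for every job. Either declare the method abstract so each controller has to state its answer, or extend the Javadoc to say that the default is the process owner and that the job configuration is not consulted. Note too that `user.name` is a system property that can be set with `-D` at JVM start, so it is not an authoritative source for the process identity.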