hadoop-common-dev mailing list archives

From "Owen O'Malley (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HADOOP-3578) mapred.system.dir should be accessible only to hadoop daemons
Date Wed, 25 Jun 2008 05:06:45 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-3578?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12607859#action_12607859 ]

Owen O'Malley commented on HADOOP-3578:

Ok, some more details...

I'd suggest using:
system dir: perm = rwxr-xr-x, owner = mapreduce
job dir: perm = rwx------, owner = job owner

The job client would create the jobdir in the staging directory, which is in the user's home
directory on the file system with the system dir on it.

When the job is submitted, we send the jobconf over rpc by making Configuration implement
Writable. This will allow the job tracker to load the job conf without being a super user.

Now the job tracker uses the credentials in the jobconf to move the directory under the system
dir. This way, we get:
  * the job tracker is not a super user
  * users can not read the jobdir of other users
  * users do not have permissions to write into the system dir
  * the jobdir is written only once by the jobclient
  * it is not a big change to the current job tracker / job client


> mapred.system.dir should be accessible only to hadoop daemons 
> --------------------------------------------------------------
>                 Key: HADOOP-3578
>                 URL: https://issues.apache.org/jira/browse/HADOOP-3578
>             Project: Hadoop Core
>          Issue Type: Bug
>          Components: mapred
>            Reporter: Amar Kamat
> Currently the jobclient accesses the {{mapred.system.dir}} to add job details. Hence the {{mapred.system.dir}} has the permissions of {{rwx-wx-wx}}. This could be a security loophole where the job files might get overwritten/tampered after the job submission.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.
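
The permission layout proposed in the comment, compared with the current `rwx-wx-wx` system dir in a small access-check model. This is an added example, not part of the original message or of Hadoop's code; the user names `alice` and `bob`, the helper names, and the owner/other-only check (no group bits, no superuser) are assumptions.

```python
# Added illustration: minimal POSIX-style owner/other permission model.
# Group bits and superuser handling are deliberately left out (assumption).
from dataclasses import dataclass

R, W, X = 4, 2, 1

@dataclass(frozen=True)
class Dir:
    owner: str
    mode: int  # octal permission bits, e.g. 0o755

def allowed(user: str, d: Dir, want: int) -> bool:
    """True if `user` holds every bit in `want` on directory `d`."""
    bits = (d.mode >> 6) & 7 if user == d.owner else d.mode & 7
    return bits & want == want

def can_change_entries(user: str, system_dir: Dir) -> bool:
    """Create, rename or delete entries directly under the system dir."""
    return allowed(user, system_dir, W | X)

def can_read_job(user: str, system_dir: Dir, job_dir: Dir) -> bool:
    """Traverse the system dir, then list and open files in the job dir."""
    return allowed(user, system_dir, X) and allowed(user, job_dir, R | X)

def can_write_job(user: str, system_dir: Dir, job_dir: Dir) -> bool:
    """Traverse the system dir, then add or replace files in the job dir."""
    return allowed(user, system_dir, X) and allowed(user, job_dir, W | X)

# Modes are the ones quoted in the thread; user names are constructed.
CURRENT_SYSTEM_DIR = Dir("mapreduce", 0o733)   # rwx-wx-wx (issue description)
PROPOSED_SYSTEM_DIR = Dir("mapreduce", 0o755)  # rwxr-xr-x
PROPOSED_JOB_DIR = Dir("alice", 0o700)         # rwx------, owner = job owner
USERS = ("mapreduce", "alice", "bob")

def report() -> dict:
    """For each capability, list the users that hold it."""
    sysd, jobd = PROPOSED_SYSTEM_DIR, PROPOSED_JOB_DIR
    return {
        "current: change system dir entries":
            [u for u in USERS if can_change_entries(u, CURRENT_SYSTEM_DIR)],
        "proposed: change system dir entries":
            [u for u in USERS if can_change_entries(u, sysd)],
        "proposed: read alice's job dir":
            [u for u in USERS if can_read_job(u, sysd, jobd)],
        "proposed: write alice's job dir":
            [u for u in USERS if can_write_job(u, sysd, jobd)],
    }

if __name__ == "__main__":
    for capability, who in report().items():
        print(f"{capability}: {who}")
```

In this model the `mapreduce` account cannot read the job owner's `rwx------` directory on its own, which matches the comment's point that the job conf is sent over RPC and the job owner's credentials are used for the move.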
