hadoop-mapreduce-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hadoop QA (JIRA)" <j...@apache.org>
Subject [jira] Commented: (MAPREDUCE-899) When using LinuxTaskController, localized files may become accessible to unintended users if permissions are misconfigured.
Date Sat, 30 Jan 2010 19:02:34 GMT

    [ https://issues.apache.org/jira/browse/MAPREDUCE-899?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12806713#action_12806713
] 

Hadoop QA commented on MAPREDUCE-899:
-------------------------------------

-1 overall.  Here are the results of testing the latest attachment 
  http://issues.apache.org/jira/secure/attachment/12431865/patch-899-7.txt
  against trunk revision 904717.

    +1 @author.  The patch does not contain any @author tags.

    +1 tests included.  The patch appears to include 12 new or modified tests.

    +1 javadoc.  The javadoc tool did not generate any warning messages.

    +1 javac.  The applied patch does not increase the total number of javac compiler warnings.

    +1 findbugs.  The patch does not introduce any new Findbugs warnings.

    +1 release audit.  The applied patch does not increase the total number of release audit
warnings.

    -1 core tests.  The patch failed core unit tests.

    +1 contrib tests.  The patch passed contrib unit tests.

Test results: http://hudson.zones.apache.org/hudson/job/Mapreduce-Patch-h6.grid.sp2.yahoo.net/419/testReport/
Findbugs warnings: http://hudson.zones.apache.org/hudson/job/Mapreduce-Patch-h6.grid.sp2.yahoo.net/419/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
Checkstyle results: http://hudson.zones.apache.org/hudson/job/Mapreduce-Patch-h6.grid.sp2.yahoo.net/419/artifact/trunk/build/test/checkstyle-errors.html
Console output: http://hudson.zones.apache.org/hudson/job/Mapreduce-Patch-h6.grid.sp2.yahoo.net/419/console

This message is automatically generated.

> When using LinuxTaskController, localized files may become accessible to unintended users
if permissions are misconfigured.
> ---------------------------------------------------------------------------------------------------------------------------
>
>                 Key: MAPREDUCE-899
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-899
>             Project: Hadoop Map/Reduce
>          Issue Type: Bug
>          Components: tasktracker
>            Reporter: Vinod K V
>            Assignee: Amareshwari Sriramadasu
>             Fix For: 0.22.0
>
>         Attachments: MAPREDUCE-899-20090828.txt, patch-899-1.txt, patch-899-2.txt, patch-899-3.txt,
patch-899-4.txt, patch-899-5.txt, patch-899-6.txt, patch-899-7.txt, patch-899.txt, testplan.txt
>
>
> To enforce the accessibility of job files to only the job-owner and the TaskTracker,
as per MAPREDUCE-842, it is _trusted_ that the  setuid/setgid linux TaskController binary
is group owned by a _special group_ to which only TaskTracker belongs and not just any group
to which TT belongs. If the trust is broken, possibly due to misconfiguration by admins, the
local files become accessible to unintended users, yet giving false sense of security to the
admins.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message