hadoop-yarn-issues mailing list archives

From "Allen Wittenauer (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-2424) LCE should support non-cgroups, non-secure mode
Date Tue, 19 Aug 2014 16:27:19 GMT

    [ https://issues.apache.org/jira/browse/YARN-2424?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14102416#comment-14102416

Allen Wittenauer commented on YARN-2424:

BTW, it should be pointed out that the current code doesn't actually protect non-RPCSEC NFSv3/v2 directories.  It only prevents them from being mounted using system facilities.  (I'll leave it up to the reader to see how to implement an exploit.... not that it's particularly hard.)

The only "security" thing the current code does is limit containers to run as one uid which in turn means preventing access to any elevated privs that any other user might have.  That's it. So if you have too many users with, say, passwordless sudo or if you don't want to publish user names to your compute nodes, the current code helps.  Otherwise, you're getting zero benefits.  For example, YARN scheduling and HDFS writes are still being done by the originally requested user.

The security aspects, as pointed out in the original JIRA, are a red herring.

> LCE should support non-cgroups, non-secure mode
> -----------------------------------------------
>                 Key: YARN-2424
>                 URL: https://issues.apache.org/jira/browse/YARN-2424
>             Project: Hadoop YARN
>          Issue Type: Bug
>          Components: nodemanager
>    Affects Versions: 2.3.0, 2.4.0, 2.5.0, 2.4.1
>            Reporter: Allen Wittenauer
>            Priority: Blocker
>         Attachments: YARN-2424.patch
> After YARN-1253, LCE no longer works for non-secure, non-cgroup scenarios.  This is a fairly serious regression, as turning on LCE prior to turning on full-blown security is a fairly standard procedure.
