[ https://issues.apache.org/jira/browse/YARN-2424?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14102684#comment-14102684
]
Ravi Prakash commented on YARN-2424:
------------------------------------
Thanks Tucu! In YARN-1253, Vinod wrote:
bq. Even if the jobs run as a single 'yarnuser', security isn't still there - like Arun said,
any body can bomb HDFS directories of other users, any user can kill any other user's tasks/containers,
any one can delete any one else's local dirs, log-dir and so on
Is that not true?
> LCE should support non-cgroups, non-secure mode
> -----------------------------------------------
>
> Key: YARN-2424
> URL: https://issues.apache.org/jira/browse/YARN-2424
> Project: Hadoop YARN
> Issue Type: Bug
> Components: nodemanager
> Affects Versions: 2.3.0, 2.4.0, 2.5.0, 2.4.1
> Reporter: Allen Wittenauer
> Priority: Blocker
> Attachments: YARN-2424.patch
>
>
> After YARN-1253, LCE no longer works for non-secure, non-cgroup scenarios. This is a
fairly serious regression, as turning on LCE prior to turning on full-blown security is a
fairly standard procedure.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
|