hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Remus Rusanu (JIRA)" <j...@apache.org>
Subject [jira] [Created] (YARN-2551) Windows Secure Cotnainer Executor: Add checks to validate that the wsce-site.xml is write restricted to Administrators only
Date Mon, 15 Sep 2014 13:29:33 GMT
Remus Rusanu created YARN-2551:
----------------------------------

             Summary: Windows Secure Cotnainer Executor: Add checks to validate that the wsce-site.xml
is write restricted to Administrators only
                 Key: YARN-2551
                 URL: https://issues.apache.org/jira/browse/YARN-2551
             Project: Hadoop YARN
          Issue Type: Sub-task
          Components: nodemanager
            Reporter: Remus Rusanu
            Assignee: Remus Rusanu


The wsce-site.xml containes the impersonate.allowed and impersonate.denied keys that restrict/control
the users that can be impersonated by the WSCE containers. The impersonation frameworks in
winutils should validate that only Administrators have write control on this file. 

This is similar to how LCE is validating that only root has write permissions on container-executor.cfg
file on secure Linux clusters.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message