hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Larry McCay (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-5280) Allow YARN containers to run with Java Security Manager
Date Mon, 11 Jul 2016 22:38:11 GMT

    [ https://issues.apache.org/jira/browse/YARN-5280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15371815#comment-15371815
] 

Larry McCay commented on YARN-5280:
-----------------------------------

bq. In order to prevent users from granting themselves excess permissions this would likely
need to take the form of server side configurations.

To clarify, the idea isn't so that applications would grant themselves permissions but instead
declare the required permissions for the application. This allows for deployment time failure
as apposed to runtime failure when a privileged action is attempted and fails. Of course,
there is nothing stating that there couldn't be server side configuration to allow for a minimum
set of permissions and some room for certain permissions that can be granted upon demand.
In general, it would be expected that it would be a deploy time compare of those permissions
required for deployment and those being granted by the container policy in server config.

The jar signing subtasks certainly seem appropriate. I would still like to hear the driving
usecase/s and how many folks actually need it.

> Allow YARN containers to run with Java Security Manager
> -------------------------------------------------------
>
>                 Key: YARN-5280
>                 URL: https://issues.apache.org/jira/browse/YARN-5280
>             Project: Hadoop YARN
>          Issue Type: New Feature
>          Components: nodemanager, yarn
>    Affects Versions: 2.6.4
>            Reporter: Greg Phillips
>            Priority: Minor
>         Attachments: YARN-5280.patch, YARNContainerSandbox.pdf
>
>
> YARN applications have the ability to perform privileged actions which have the potential
to add instability into the cluster. The Java Security Manager can be used to prevent users
from running privileged actions while still allowing their core data processing use cases.

> Introduce a YARN flag which will allow a Hadoop administrator to enable the Java Security
Manager for user code, while still providing complete permissions to core Hadoop libraries.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org


Mime
View raw message