Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 685E2200B84 for ; Tue, 20 Sep 2016 21:23:22 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 67114160AC0; Tue, 20 Sep 2016 19:23:22 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id D93EB160AC9 for ; Tue, 20 Sep 2016 21:23:21 +0200 (CEST) Received: (qmail 54320 invoked by uid 500); 20 Sep 2016 19:23:20 -0000 Mailing-List: contact yarn-issues-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Delivered-To: mailing list yarn-issues@hadoop.apache.org Received: (qmail 54098 invoked by uid 99); 20 Sep 2016 19:23:20 -0000 Received: from arcas.apache.org (HELO arcas) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 20 Sep 2016 19:23:20 +0000 Received: from arcas.apache.org (localhost [127.0.0.1]) by arcas (Postfix) with ESMTP id 91EEC2C2A68 for ; Tue, 20 Sep 2016 19:23:20 +0000 (UTC) Date: Tue, 20 Sep 2016 19:23:20 +0000 (UTC) From: "Daniel Templeton (JIRA)" To: yarn-issues@hadoop.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (YARN-5599) Post AM launcher artifacts to ATS MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Tue, 20 Sep 2016 19:23:22 -0000 [ https://issues.apache.org/jira/browse/YARN-5599?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15507524#comment-15507524 ] Daniel Templeton commented on YARN-5599: ---------------------------------------- Looks like the patch adds back the log line in {{createAMContainerLaunchContext()}}, which reintroduces the security vulnerability we were trying to eliminate. The log line should be dropped altogether. > Post AM launcher artifacts to ATS > --------------------------------- > > Key: YARN-5599 > URL: https://issues.apache.org/jira/browse/YARN-5599 > Project: Hadoop YARN > Issue Type: Improvement > Reporter: Daniel Templeton > Assignee: Rohith Sharma K S > Attachments: 0001-YARN-5599.patch > > > To aid in debugging launch failures, it would be valuable to have an application's launch script and logs posted to ATS. Because the application's command line may contain private credentials or other secure information, access to the data in ATS should be restricted to the job owner, including the at-rest data. > Along with making the data available through ATS, the configuration parameter introduced in YARN-5549 and the log line that it guards should be removed. -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org For additional commands, e-mail: yarn-issues-help@hadoop.apache.org