hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel Templeton (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-5554) MoveApplicationAcrossQueues does not check user permission on the target queue
Date Wed, 28 Dec 2016 22:54:58 GMT

    [ https://issues.apache.org/jira/browse/YARN-5554?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15783908#comment-15783908
] 

Daniel Templeton commented on YARN-5554:
----------------------------------------

Let's get this thing closed out.  A few more comments:

* In {{ClientRMService}}, {code}            Server.getRemoteAddress(), null, targetQueue)||{code}
should have a space before the pipes
* In the new {{QueueACLsManager.checkAccess()}}, I'd really appreciate a comment that sums
up the previous discussion on this JIRA so that the next person is less confused than I was
* In {{TestClientRMService.getQueueAclManager()}}, the {{answer()}} method in the anonymous
inner class should have an {{@Override}} annotation.  Also, I think you'll run into problems
with Java 7 and the non-final parameters being used inside the anonymous inner class
* Same comments for {{createClientRMServiceForMoveApplicationRequest()}}, plus you shouldn't
need the suppress warnings annotation now that YARN-4457 is in.  You will need it in branch-2,
though.

> MoveApplicationAcrossQueues does not check user permission on the target queue
> ------------------------------------------------------------------------------
>
>                 Key: YARN-5554
>                 URL: https://issues.apache.org/jira/browse/YARN-5554
>             Project: Hadoop YARN
>          Issue Type: Bug
>          Components: resourcemanager
>    Affects Versions: 2.7.2
>            Reporter: Haibo Chen
>            Assignee: Wilfred Spiegelenburg
>              Labels: oct16-medium
>         Attachments: YARN-5554.10.patch, YARN-5554.11.patch, YARN-5554.2.patch, YARN-5554.3.patch,
YARN-5554.4.patch, YARN-5554.5.patch, YARN-5554.6.patch, YARN-5554.7.patch, YARN-5554.8.patch,
YARN-5554.9.patch
>
>
> moveApplicationAcrossQueues operation currently does not check user permission on the
target queue. This incorrectly allows one user to move his/her own applications to a queue
that the user has no access to



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org


Mime
View raw message