hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eric Badger (JIRA)" <j...@apache.org>
Subject [jira] [Created] (YARN-7960) Add no-new-privileges flag to docker run
Date Thu, 22 Feb 2018 16:03:00 GMT
Eric Badger created YARN-7960:

             Summary: Add no-new-privileges flag to docker run
                 Key: YARN-7960
                 URL: https://issues.apache.org/jira/browse/YARN-7960
             Project: Hadoop YARN
          Issue Type: Sub-task
            Reporter: Eric Badger

Minimally, this should be used for unprivileged containers. It's a cheap way to add an extra
layer of security to the docker model. For privileged containers, it might be appropriate
to omit this flag


This message was sent by Atlassian JIRA

To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org

View raw message