mesos-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alexander Rukletsov (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (MESOS-6391) Command task's sandbox should not be owned by root if it uses container image.
Date Fri, 14 Oct 2016 11:50:22 GMT

     [ https://issues.apache.org/jira/browse/MESOS-6391?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Alexander Rukletsov updated MESOS-6391:
---------------------------------------
    Priority: Blocker  (was: Major)

> Command task's sandbox should not be owned by root if it uses container image.
> ------------------------------------------------------------------------------
>
>                 Key: MESOS-6391
>                 URL: https://issues.apache.org/jira/browse/MESOS-6391
>             Project: Mesos
>          Issue Type: Bug
>    Affects Versions: 0.28.2, 1.0.1
>            Reporter: Jie Yu
>            Assignee: Jie Yu
>            Priority: Blocker
>
> Currently, if the task defines a container image, the command executor will be run under
root because it needs to perform pivot_root.
> That means if the task wants to run under an unprivileged user, the sandbox of that task
will not be writable because it's owned by root.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message