[
https://issues.apache.org/jira/browse/HADOOP-3578?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12696726#action_12696726
]
Owen O'Malley commented on HADOOP-3578:
---------------------------------------
1. I really don't like counting on generating "unknown" random numbers. This
has *often* lead to security problems in practice as someone figures out a way
to guess the numbers.
2. I don't see any compelling reason for this not to be done via rpc. It will
make the security story much much easier if only the mapred user can access the
system directory. The clients would do:
1. Get a jobid from the job tracker. (probably should pass the queue name
here too, so that acls can be checked)
2. Generate the splits.
3. Pass the splits as RawInputSplits to the job tracker 1000 at a time.
4. Pass the JobConf via rpc and tell the job tracker to start the job.
The JobTracker can add them to the split file as they are received.
Thoughts?
> mapred.system.dir should be accessible only to hadoop daemons
> --------------------------------------------------------------
>
> Key: HADOOP-3578
> URL: https://issues.apache.org/jira/browse/HADOOP-3578
> Project: Hadoop Core
> Issue Type: Bug
> Components: mapred
> Reporter: Amar Kamat
> Assignee: Amar Kamat
>
> Currently the jobclient accesses the {{mapred.system.dir}} to add job
> details. Hence the {{mapred.system.dir}} has the permissions of
> {{rwx-wx-wx}}. This could be a security loophole where the job files might
> get overwritten/tampered after the job submission.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
