[jira] [Updated] (MESOS-6504) Use 'geteuid()' for the root privileges check.

Gilbert Song (JIRA) Thu, 19 Jan 2017 15:33:03 -0800

     [ 
https://issues.apache.org/jira/browse/MESOS-6504?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Gilbert Song updated MESOS-6504:
--------------------------------
    Sprint: Mesosphere Sprint 47, Mesosphere Sprint 48, Mesosphere Sprint 50  
(was: Mesosphere Sprint 47, Mesosphere Sprint 48, Mesosphere Sprint 49)

> Use 'geteuid()' for the root privileges check.
> ----------------------------------------------
>
>                 Key: MESOS-6504
>                 URL: https://issues.apache.org/jira/browse/MESOS-6504
>             Project: Mesos
>          Issue Type: Bug
>          Components: isolation
>            Reporter: Gilbert Song
>            Assignee: Gilbert Song
>              Labels: backend, isolator, mesosphere, user
>
> Currently, parts of code in Mesos check the root privileges using os::user() 
> to compare to "root", which is not sufficient, since it compares the real 
> user. When people change the mesos binary by 'setuid root', the process may 
> not have the right permission to execute.
> We should check the effective user id instead in our code. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (MESOS-6504) Use 'geteuid()' for the root privileges check.

Reply via email to