[ https://issues.apache.org/jira/browse/MAPREDUCE-181?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Devaraj Das resolved MAPREDUCE-181. ----------------------------------- Resolution: Fixed Hadoop Flags: [Reviewed] I just committed this. Thanks Amar for the initial patches on this one. > Secure job submission > ---------------------- > > Key: MAPREDUCE-181 > URL: https://issues.apache.org/jira/browse/MAPREDUCE-181 > Project: Hadoop Map/Reduce > Issue Type: Sub-task > Reporter: Amar Kamat > Assignee: Devaraj Das > Fix For: 0.22.0 > > Attachments: 181-1.patch, 181-2.patch, 181-3.patch, 181-3.patch, > 181-4.patch, 181-5.1.patch, 181-5.1.patch, 181-6.patch, 181-8.patch, > hadoop-3578-branch-20-example-2.patch, hadoop-3578-branch-20-example.patch, > HADOOP-3578-v2.6.patch, HADOOP-3578-v2.7.patch, MAPRED-181-v3.32.patch, > MAPRED-181-v3.8.patch > > > Currently the jobclient accesses the {{mapred.system.dir}} to add job > details. Hence the {{mapred.system.dir}} has the permissions of > {{rwx-wx-wx}}. This could be a security loophole where the job files might > get overwritten/tampered after the job submission. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.