[ https://issues.apache.org/jira/browse/MAPREDUCE-899?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12750895#action_12750895 ]
Hemanth Yamijala commented on MAPREDUCE-899: -------------------------------------------- Hmm. There are assumptions we are making about the setup that may/may not be true in practise. For e.g, admins may assume that more than one special user could be part of the special group to which the task-controller group ownership belongs - say 'hdfs' and 'mapreduce' are two user accounts belonging to special group 'hadoop'. Isn't it simpler to configure the special group's name in task-controller.cfg and check against it ? We can then ensure the task-controller.cfg file has right ownership and permissions to prevent misuse and assume whatever is there in the file is valid. > When using LinuxTaskController, localized files may become accessible to > unintended users if permissions are misconfigured. > --------------------------------------------------------------------------------------------------------------------------- > > Key: MAPREDUCE-899 > URL: https://issues.apache.org/jira/browse/MAPREDUCE-899 > Project: Hadoop Map/Reduce > Issue Type: Bug > Components: tasktracker > Reporter: Vinod K V > Assignee: Vinod K V > Attachments: MAPREDUCE-899-20090828.txt > > > To enforce the accessibility of job files to only the job-owner and the > TaskTracker, as per MAPREDUCE-842, it is _trusted_ that the setuid/setgid > linux TaskController binary is group owned by a _special group_ to which only > TaskTracker belongs and not just any group to which TT belongs. If the trust > is broken, possibly due to misconfiguration by admins, the local files become > accessible to unintended users, yet giving false sense of security to the > admins. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.