[
https://issues.apache.org/jira/browse/MAPREDUCE-899?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12750895#action_12750895
]
Hemanth Yamijala commented on MAPREDUCE-899:
--------------------------------------------
Hmm. There are assumptions we are making about the setup that may/may not be
true in practise. For e.g, admins may assume that more than one special user
could be part of the special group to which the task-controller group ownership
belongs - say 'hdfs' and 'mapreduce' are two user accounts belonging to special
group 'hadoop'. Isn't it simpler to configure the special group's name in
task-controller.cfg and check against it ? We can then ensure the
task-controller.cfg file has right ownership and permissions to prevent misuse
and assume whatever is there in the file is valid.
> When using LinuxTaskController, localized files may become accessible to
> unintended users if permissions are misconfigured.
> ---------------------------------------------------------------------------------------------------------------------------
>
> Key: MAPREDUCE-899
> URL: https://issues.apache.org/jira/browse/MAPREDUCE-899
> Project: Hadoop Map/Reduce
> Issue Type: Bug
> Components: tasktracker
> Reporter: Vinod K V
> Assignee: Vinod K V
> Attachments: MAPREDUCE-899-20090828.txt
>
>
> To enforce the accessibility of job files to only the job-owner and the
> TaskTracker, as per MAPREDUCE-842, it is _trusted_ that the setuid/setgid
> linux TaskController binary is group owned by a _special group_ to which only
> TaskTracker belongs and not just any group to which TT belongs. If the trust
> is broken, possibly due to misconfiguration by admins, the local files become
> accessible to unintended users, yet giving false sense of security to the
> admins.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
