[jira] Commented: (MAPREDUCE-899) When using LinuxTaskController, localized files may become accessible to unintended users if permissions are misconfigured.

Hadoop QA (JIRA) Tue, 05 Jan 2010 05:43:19 -0800

    [ 
https://issues.apache.org/jira/browse/MAPREDUCE-899?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12796660#action_12796660
 ]


Hadoop QA commented on MAPREDUCE-899:
-------------------------------------

+1 overall.  Here are the results of testing the latest attachment 
  http://issues.apache.org/jira/secure/attachment/12429436/patch-899-1.txt
  against trunk revision 895914.

    +1 @author.  The patch does not contain any @author tags.

    +1 tests included.  The patch appears to include 12 new or modified tests.

    +1 javadoc.  The javadoc tool did not generate any warning messages.

    +1 javac.  The applied patch does not increase the total number of javac 
compiler warnings.

    +1 findbugs.  The patch does not introduce any new Findbugs warnings.

    +1 release audit.  The applied patch does not increase the total number of 
release audit warnings.

    +1 core tests.  The patch passed core unit tests.

    +1 contrib tests.  The patch passed contrib unit tests.

Test results: 
http://hudson.zones.apache.org/hudson/job/Mapreduce-Patch-h6.grid.sp2.yahoo.net/356/testReport/
Findbugs warnings: 
http://hudson.zones.apache.org/hudson/job/Mapreduce-Patch-h6.grid.sp2.yahoo.net/356/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
Checkstyle results: 
http://hudson.zones.apache.org/hudson/job/Mapreduce-Patch-h6.grid.sp2.yahoo.net/356/artifact/trunk/build/test/checkstyle-errors.html
Console output: 
http://hudson.zones.apache.org/hudson/job/Mapreduce-Patch-h6.grid.sp2.yahoo.net/356/console

This message is automatically generated.

> When using LinuxTaskController, localized files may become accessible to 
> unintended users if permissions are misconfigured.
> ---------------------------------------------------------------------------------------------------------------------------
>
>                 Key: MAPREDUCE-899
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-899
>             Project: Hadoop Map/Reduce
>          Issue Type: Bug
>          Components: tasktracker
>            Reporter: Vinod K V
>            Assignee: Amareshwari Sriramadasu
>             Fix For: 0.22.0
>
>         Attachments: MAPREDUCE-899-20090828.txt, patch-899-1.txt, 
> patch-899.txt
>
>
> To enforce the accessibility of job files to only the job-owner and the 
> TaskTracker, as per MAPREDUCE-842, it is _trusted_ that the  setuid/setgid 
> linux TaskController binary is group owned by a _special group_ to which only 
> TaskTracker belongs and not just any group to which TT belongs. If the trust 
> is broken, possibly due to misconfiguration by admins, the local files become 
> accessible to unintended users, yet giving false sense of security to the 
> admins.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (MAPREDUCE-899) When using LinuxTaskController, localized files may become accessible to unintended users if permissions are misconfigured.

Reply via email to