[
https://issues.apache.org/jira/browse/MAPREDUCE-899?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Hemanth Yamijala updated MAPREDUCE-899:
---------------------------------------
Resolution: Fixed
Hadoop Flags: [Incompatible change, Reviewed]
Status: Resolved (was: Patch Available)
Given the test failures are unrelated, I committed this. Thanks, Amareshwari !
Can you please update the release notes ?
> When using LinuxTaskController, localized files may become accessible to
> unintended users if permissions are misconfigured.
> ---------------------------------------------------------------------------------------------------------------------------
>
> Key: MAPREDUCE-899
> URL: https://issues.apache.org/jira/browse/MAPREDUCE-899
> Project: Hadoop Map/Reduce
> Issue Type: Bug
> Components: tasktracker
> Reporter: Vinod K V
> Assignee: Amareshwari Sriramadasu
> Fix For: 0.22.0
>
> Attachments: MAPREDUCE-899-20090828.txt, patch-899-1.txt,
> patch-899-2.txt, patch-899-3.txt, patch-899-4.txt, patch-899-5.txt,
> patch-899-6.txt, patch-899-7.txt, patch-899.txt, testplan.txt
>
>
> To enforce the accessibility of job files to only the job-owner and the
> TaskTracker, as per MAPREDUCE-842, it is _trusted_ that the setuid/setgid
> linux TaskController binary is group owned by a _special group_ to which only
> TaskTracker belongs and not just any group to which TT belongs. If the trust
> is broken, possibly due to misconfiguration by admins, the local files become
> accessible to unintended users, yet giving false sense of security to the
> admins.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
