[
https://issues.apache.org/jira/browse/MAPREDUCE-1991?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12894820#action_12894820
]
Hemanth Yamijala commented on MAPREDUCE-1991:
---------------------------------------------
The -l option is to enable logging in the taskcontroller. AFAIK, we have never
really used this. Should we knock it out ? Otherwise, moving the check for
taskcontroller permissions before the opening of the log file will possibly fix
this issue. Note that we do protect against some misconfiguration already. It
just happens after the log file option is processed.
> taskcontroller allows stealing permissions on any local file
> ------------------------------------------------------------
>
> Key: MAPREDUCE-1991
> URL: https://issues.apache.org/jira/browse/MAPREDUCE-1991
> Project: Hadoop Map/Reduce
> Issue Type: Bug
> Components: task-controller
> Affects Versions: 0.21.0, 0.22.0
> Reporter: Todd Lipcon
> Priority: Blocker
>
> The linux task-controller setuid binary allows a malicious user to chmod any
> file on the system to 644 (and as a side effect appends some junk to the end)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
