[jira] [Commented] (YARN-5280) Allow YARN containers to run with Java Security Manager

[Greg Phillips (JIRA)]

    [ 
https://issues.apache.org/jira/browse/YARN-5280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15668629#comment-15668629
 ] 

Greg Phillips commented on YARN-5280:
-------------------------------------

[~vvasudev] - thanks for the guidance.  I have definitely run out of space in 
the hadoop tmp dir in the past, and I completely agree that storing the 
java.policy in the container private directory is a better solution.  I have 
made that modification, and I am currently testing it.  For debugging purposes 
users can inspect the generated java.policy file from within their application 
using System.getSecurityManager(), or by providing client arguments for 
security manager debugging.  I will include notes on this in the javadoc, and 
in future feature documentation.

The difficulty arises when moving the functionality from prepareContainer to 
launchContainer.  In particular I need to modify the actual java run command 
instead of the container launch command.  The only way I have found to modify 
the run command found within the launch_container.sh is through the 
LinuxContainerExecutor#writeLaunchEnv.  A method which links the 
LinuxContainerExecutor with the ContainerRuntime prior to the environment being 
written seems necessary for this feature.  I am very interested in your 
thoughts on this matter.

> Allow YARN containers to run with Java Security Manager
> -------------------------------------------------------
>
>                 Key: YARN-5280
>                 URL: https://issues.apache.org/jira/browse/YARN-5280
>             Project: Hadoop YARN
>          Issue Type: New Feature
>          Components: nodemanager, yarn
>    Affects Versions: 2.6.4
>            Reporter: Greg Phillips
>            Assignee: Greg Phillips
>            Priority: Minor
>              Labels: oct16-medium
>         Attachments: YARN-5280.001.patch, YARN-5280.002.patch, 
> YARN-5280.003.patch, YARN-5280.004.patch, YARN-5280.patch, 
> YARNContainerSandbox.pdf
>
>
> YARN applications have the ability to perform privileged actions which have 
> the potential to add instability into the cluster. The Java Security Manager 
> can be used to prevent users from running privileged actions while still 
> allowing their core data processing use cases. 
> Introduce a YARN flag which will allow a Hadoop administrator to enable the 
> Java Security Manager for user code, while still providing complete 
> permissions to core Hadoop libraries.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org