[ https://issues.apache.org/jira/browse/YARN-6623?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16111499#comment-16111499 ]
Miklos Szegedi commented on YARN-6623:
--------------------------------------

[~dan...@cloudera.com], this is needed I think for defense in depth. container-executor.cfg is enforced to be runnable only by root. yarn-site.xml is not. Also container-executor does not allow now to launch something impersonating root. This feature should be followed by the Docker code as well.
{code}
/**
 * Is the user a real user account?
 * Checks:
 * 1. Not root
 * 2. UID is above the minimum configured.
 * 3. Not in banned user list
 * Returns NULL on failure
 */
struct passwd* check_user(const char *user) {
{code}
Let's assume someone allows the container-executor executed from yarn but set user to root (or run privileged docker). In this case the point of running YARN as yarn and not root is lost.

> Add support to turn off launching privileged containers in the container-executor
> ---------------------------------------------------------------------------------
>
>                 Key: YARN-6623
>                 URL: https://issues.apache.org/jira/browse/YARN-6623
>             Project: Hadoop YARN
>          Issue Type: Improvement
>          Components: nodemanager
>            Reporter: Varun Vasudev
>            Assignee: Varun Vasudev
>
> Currently, launching privileged containers is controlled by the NM. We should add a flag to the container-executor.cfg allowing admins to disable launching privileged containers at the container-executor level.
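
The defense-in-depth argument in the comment above, as an added example that is not part of the original message or of Hadoop's container-executor source: a launcher that re-checks the user and the privileged-container switch against its own root-owned config instead of trusting the caller. The struct, the function names, the sample banned list and the minimum UID are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Hypothetical policy loaded from the launcher's own root-owned config. */
struct launcher_policy {
    uid_t min_user_id;          /* lowest UID allowed to run containers */
    const char *const *banned;  /* NULL-terminated list of banned names */
    bool privileged_enabled;    /* admin switch for privileged containers */
};

/* Constructed sample policy: privileged containers switched off. */
static const char *const SAMPLE_BANNED[] = {"hdfs", "yarn", "mapred", "bin", NULL};
static const struct launcher_policy SAMPLE_POLICY = {1000, SAMPLE_BANNED, false};

/* Trust the config only if root owns it and group/other cannot write it.
   Pass st_uid and st_mode from fstat() on the opened config file. */
bool config_is_trusted(uid_t owner, mode_t mode) {
    return owner == 0 && (mode & (S_IWGRP | S_IWOTH)) == 0;
}

/* The three checks in the quoted comment: not root, UID meets the minimum
   (this sketch allows the minimum itself), name not in the banned list. */
bool user_is_allowed(const struct launcher_policy *p, const char *name, uid_t uid) {
    if (uid == 0 || uid < p->min_user_id) return false;
    for (const char *const *b = p->banned; b && *b; b++)
        if (strcmp(*b, name) == 0) return false;
    return true;
}

/* The caller's request is honoured only when the launcher's policy agrees. */
bool may_launch(uid_t cfg_owner, mode_t cfg_mode, const struct launcher_policy *p,
                const char *name, uid_t uid, bool wants_privileged) {
    if (!config_is_trusted(cfg_owner, cfg_mode)) return false;  /* fail closed */
    if (!user_is_allowed(p, name, uid)) return false;
    return !wants_privileged || p->privileged_enabled;
}

int main(void) {
    /* Caller (running as yarn) asks for a privileged container for alice. */
    printf("privileged: %d\n", may_launch(0, 0400, &SAMPLE_POLICY, "alice", 1001, true));
    printf("ordinary:   %d\n", may_launch(0, 0400, &SAMPLE_POLICY, "alice", 1001, false));
    return 0;
}
```

Because the decision depends only on the root-owned policy, a change to a config file the yarn user can edit does not widen what the launcher will run.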