[ https://issues.apache.org/jira/browse/YARN-7516?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16323037#comment-16323037 ]

Eric Badger commented on YARN-7516:
-----------------------------------

{noformat:title=Both privileges and capabilities}
-bash-4.2$ sudo docker run --privileged image_name ls /dev | column -c 160
WARNING: IPv4 forwarding is disabled. Networking will not work.
autofs                  network_throughput      sde1                    tty15                   tty43                   uinput
bsg                     null                    sde2                    tty16                   tty44                   urandom
btrfs-control           nvram                   sdf                     tty17                   tty45                   usbmon0
bus                     oldmem                  sdf1                    tty18                   tty46                   usbmon1
core                    port                    sdf2                    tty19                   tty47                   usbmon2
cpu                     ppp                     sdg                     tty2                    tty48                   usbmon3
cpu_dma_latency         ptmx                    sdg1                    tty20                   tty49                   usbmon4
crash                   ptp0                    sdh                     tty21                   tty5                    vcs
dri                     pts                     sdh1                    tty22                   tty50                   vcs1
fb0                     random                  sg0                     tty23                   tty51                   vcs2
fd                      raw                     sg1                     tty24                   tty52                   vcs3
full                    rtc0                    sg2                     tty25                   tty53                   vcs4
fuse                    sda                     sg3                     tty26                   tty54                   vcs5
hpet                    sda1                    sg4                     tty27                   tty55                   vcs6
hwrng                   sda2                    sg5                     tty28                   tty56                   vcsa
input                   sda3                    sg6                     tty29                   tty57                   vcsa1
ipmi0                   sda4                    sg7                     tty3                    tty58                   vcsa2
kmsg                    sda5                    shm                     tty30                   tty59                   vcsa3
kvm                     sdb                     snapshot                tty31                   tty6                    vcsa4
loop-control            sdb1                    snd                     tty32                   tty60                   vcsa5
mapper                  sdb2                    stderr                  tty33                   tty61                   vcsa6
mcelog                  sdb3                    stdin                   tty34                   tty62                   vfio
md0                     sdb4                    stdout                  tty35                   tty63                   vga_arbiter
md1                     sdb5                    tty                     tty36                   tty7                    vhci
md2                     sdc                     tty0                    tty37                   tty8                    vhost-net
md3                     sdc1                    tty1                    tty38                   tty9                    zero
md4                     sdc2                    tty10                   tty39                   ttyS0
mem                     sdd                     tty11                   tty4                    ttyS1
mqueue                  sdd1                    tty12                   tty40                   ttyS2
net                     sdd2                    tty13                   tty41                   ttyS3
network_latency         sde                     tty14                   tty42                   uhid
{noformat}

{noformat:title=Just privileges, no capabilities}
-bash-4.2$ sudo docker run --rm --privileged --cap-drop='ALL' image_name ls /dev | column -c 160
WARNING: IPv4 forwarding is disabled. Networking will not work.
autofs                  network_throughput      sde1                    tty15                   tty43                   uinput
bsg                     null                    sde2                    tty16                   tty44                   urandom
btrfs-control           nvram                   sdf                     tty17                   tty45                   usbmon0
bus                     oldmem                  sdf1                    tty18                   tty46                   usbmon1
core                    port                    sdf2                    tty19                   tty47                   usbmon2
cpu                     ppp                     sdg                     tty2                    tty48                   usbmon3
cpu_dma_latency         ptmx                    sdg1                    tty20                   tty49                   usbmon4
crash                   ptp0                    sdh                     tty21                   tty5                    vcs
dri                     pts                     sdh1                    tty22                   tty50                   vcs1
fb0                     random                  sg0                     tty23                   tty51                   vcs2
fd                      raw                     sg1                     tty24                   tty52                   vcs3
full                    rtc0                    sg2                     tty25                   tty53                   vcs4
fuse                    sda                     sg3                     tty26                   tty54                   vcs5
hpet                    sda1                    sg4                     tty27                   tty55                   vcs6
hwrng                   sda2                    sg5                     tty28                   tty56                   vcsa
input                   sda3                    sg6                     tty29                   tty57                   vcsa1
ipmi0                   sda4                    sg7                     tty3                    tty58                   vcsa2
kmsg                    sda5                    shm                     tty30                   tty59                   vcsa3
kvm                     sdb                     snapshot                tty31                   tty6                    vcsa4
loop-control            sdb1                    snd                     tty32                   tty60                   vcsa5
mapper                  sdb2                    stderr                  tty33                   tty61                   vcsa6
mcelog                  sdb3                    stdin                   tty34                   tty62                   vfio
md0                     sdb4                    stdout                  tty35                   tty63                   vga_arbiter
md1                     sdb5                    tty                     tty36                   tty7                    vhci
md2                     sdc                     tty0                    tty37                   tty8                    vhost-net
md3                     sdc1                    tty1                    tty38                   tty9                    zero
md4                     sdc2                    tty10                   tty39                   ttyS0
mem                     sdd                     tty11                   tty4                    ttyS1
mqueue                  sdd1                    tty12                   tty40                   ttyS2
net                     sdd2                    tty13                   tty41                   ttyS3
network_latency         sde                     tty14                   tty42                   uhid
{noformat}

{noformat:title=Just capabilities, no privileges}
-bash-4.2$ sudo docker run --rm image_name ls /dev | column -c 160
WARNING: IPv4 forwarding is disabled. Networking will not work.
core    fd      full    mqueue  null    ptmx    pts     random  shm     stderr  
stdin   stdout  tty     urandom zero
{noformat}

{noformat:title=No capabilities or privileges}
-bash-4.2$ sudo docker run --rm --cap-drop='ALL' image_name ls /dev | column -c 160
WARNING: IPv4 forwarding is disabled. Networking will not work.
core    fd      full    mqueue  null    ptmx    pts     random  shm     stderr  
stdin   stdout  tty     urandom zero
{noformat}

I don't see any difference with or without capabilities, but I see a huge
difference without privilege.

> Security check for untrusted docker image
> -----------------------------------------
>
>                 Key: YARN-7516
>                 URL: https://issues.apache.org/jira/browse/YARN-7516
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>            Reporter: Eric Yang
>            Assignee: Eric Yang
>         Attachments: YARN-7516.001.patch, YARN-7516.002.patch, 
> YARN-7516.003.patch, YARN-7516.004.patch, YARN-7516.005.patch, 
> YARN-7516.006.patch, YARN-7516.007.patch
>
>
> Hadoop YARN Services can support using a private docker registry image or a
> docker image from docker hub.  In the current implementation, Hadoop security is
> enforced through username and group membership, and enforces uid:gid
> consistency in the docker container and the distributed file system.  There is a cloud
> use case for having the ability to run an untrusted docker image on the same cluster
> for testing.
> The basic requirement for an untrusted container is to ensure all kernel and
> root privileges are dropped, and there is no interaction with the distributed
> file system to avoid contamination.  We can probably enforce detection of
> an untrusted docker image by checking the following:
> # If the docker image is from a public docker hub repository, the container is
> automatically flagged as insecure, disk volume mounts are disabled
> automatically, and all kernel capabilities are dropped.
> # If the docker image is from a private repository in docker hub, and there is a
> white list that allows the private repository, disk volume mount is allowed and
> kernel capabilities follow the allowed list.
> # If the docker image is from a private trusted registry with an image name like
> "private.registry.local:5000/centos", and the white list allows this private
> trusted repository, disk volume mount is allowed and kernel capabilities
> follow the allowed list.
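
The three rules in the quoted description, as an added example that is not code from YARN-7516 or its patches: a Python classifier that maps an image reference to docker run arguments, never emitting --privileged since the ls /dev output in this comment shows it exposes the host's device nodes even with --cap-drop=ALL. The registry and namespace whitelists and the allowed-capability list are constructed values; only private.registry.local:5000 comes from the issue text.

```python
# Added example, not YARN's container-executor: the whitelists and the allowed
# capability set below are constructed values standing in for YARN configuration.
TRUSTED_REGISTRIES = {"private.registry.local:5000"}   # rule 3 whitelist (name from the issue)
TRUSTED_HUB_NAMESPACES = {"example-private"}           # rule 2 whitelist, constructed
ALLOWED_CAPABILITIES = {"CHOWN", "DAC_OVERRIDE", "SETUID", "SETGID"}  # constructed allowed list


def parse_image(image):
    """Split an image reference into (registry, namespace, name).

    Follows Docker's own rule: the first path component is a registry only
    if it contains '.' or ':' or equals 'localhost'; otherwise the image is
    on Docker Hub, where a bare name means the 'library' namespace.
    """
    parts = image.split("/")
    registry = None
    if len(parts) > 1 and ("." in parts[0] or ":" in parts[0] or parts[0] == "localhost"):
        registry, parts = parts[0], parts[1:]
    namespace = parts[0] if len(parts) > 1 else "library"
    name = parts[-1].split("@")[0].split(":")[0]   # strip digest, then tag
    return registry, namespace, name


def classify_image(image):
    """'trusted' only when the image matches a whitelist entry; anything else is untrusted."""
    registry, namespace, _ = parse_image(image)
    if registry is None:                           # Docker Hub image (rules 1 and 2)
        return "trusted" if namespace in TRUSTED_HUB_NAMESPACES else "untrusted"
    return "trusted" if registry in TRUSTED_REGISTRIES else "untrusted"   # rule 3


def docker_run_args(image, volumes=(), requested_caps=()):
    """Build the docker run command line for an image under the policy.

    Untrusted images get --cap-drop=ALL and no volume mounts.  Trusted images
    get their volumes and only those requested capabilities on the allowed
    list, added back on top of --cap-drop=ALL.  --privileged is never emitted:
    the comment's ls /dev output shows it exposes host /dev regardless of caps.
    """
    trust = classify_image(image)
    args = ["docker", "run", "--rm", "--cap-drop=ALL"]
    if trust == "trusted":
        for cap in requested_caps:
            if cap in ALLOWED_CAPABILITIES:
                args.append("--cap-add=" + cap)
        for volume in volumes:
            args += ["-v", volume]
    args.append(image)
    return trust, args
```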



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
