[
https://issues.apache.org/jira/browse/YARN-11901?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18041047#comment-18041047
]
Ferenc Erdelyi commented on YARN-11901:
---------------------------------------
Discussed this Jira with [~stoty], and he recommended not to remove this
feature until there are JVMs that support SecurityManager, in case there are
active use cases still relying on its functionality. But we should check in
{{org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.JavaSandboxLinuxContainerRuntime.NMContainerPolicyUtils.appendSecurityFlags(List<String>,
Map<String, String>, Path, SandboxMode)}} if SecurityManager works at all, it
throws a meaningful exception if not.
Istvan also provided a sample code snippet to achieve it:
{code:java}
SecurityManager manager = System.getSecurityManager();
try {
System.setSecurityManager(manager);
} catch (UnsupportedOperationException e) {
// This happens when SecurityManager is not supported/enabled by the JVM
}
{code}
> Remove SecurityManager implementation from YARN
> -----------------------------------------------
>
> Key: YARN-11901
> URL: https://issues.apache.org/jira/browse/YARN-11901
> Project: Hadoop YARN
> Issue Type: Bug
> Reporter: Ferenc Erdelyi
> Priority: Major
>
> YARN-5280 allowed containers to run with JavaSecurityManager, which is
> permanently disabled as of JDK24 - JEP486.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
