You are viewing a plain text version of this content. The canonical link for it is here.
Posted to mapreduce-issues@hadoop.apache.org by "Amareshwari Sriramadasu (JIRA)" <ji...@apache.org> on 2009/12/24 11:58:29 UTC
[jira] Updated: (MAPREDUCE-899) When using LinuxTaskController,
localized files may become accessible to unintended users if permissions
are misconfigured.
[ https://issues.apache.org/jira/browse/MAPREDUCE-899?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Amareshwari Sriramadasu updated MAPREDUCE-899:
----------------------------------------------
Status: Patch Available (was: Open)
> When using LinuxTaskController, localized files may become accessible to unintended users if permissions are misconfigured.
> ---------------------------------------------------------------------------------------------------------------------------
>
> Key: MAPREDUCE-899
> URL: https://issues.apache.org/jira/browse/MAPREDUCE-899
> Project: Hadoop Map/Reduce
> Issue Type: Bug
> Components: tasktracker
> Reporter: Vinod K V
> Assignee: Vinod K V
> Attachments: MAPREDUCE-899-20090828.txt, patch-899.txt
>
>
> To enforce the accessibility of job files to only the job-owner and the TaskTracker, as per MAPREDUCE-842, it is _trusted_ that the setuid/setgid linux TaskController binary is group owned by a _special group_ to which only TaskTracker belongs and not just any group to which TT belongs. If the trust is broken, possibly due to misconfiguration by admins, the local files become accessible to unintended users, yet giving false sense of security to the admins.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.