You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Gilbert Song (JIRA)" <ji...@apache.org> on 2016/10/28 20:40:59 UTC

[jira] [Created] (MESOS-6504) Use 'geteuid()' for the root privileges check.

Gilbert Song created MESOS-6504:
-----------------------------------

             Summary: Use 'geteuid()' for the root privileges check.
                 Key: MESOS-6504
                 URL: https://issues.apache.org/jira/browse/MESOS-6504
             Project: Mesos
          Issue Type: Bug
            Reporter: Gilbert Song
            Assignee: Gilbert Song


Currently, parts of code in Mesos check the root privileges using os::user() to compare to "root", which is not sufficient, since it compares the real user. When people change the mesos binary by 'setuid root', the process may not have the right permission to execute.

We should check the effective user id instead in our code. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)