You are viewing a plain text version of this content. The canonical link for it is here.

Posted to yarn-issues@hadoop.apache.org by "Robert Kanter (JIRA)" <ji...@apache.org> on 2017/02/11 02:09:42 UTC

[jira] [Commented] (YARN-5280) Allow YARN containers to run with Java Security Manager

    [ https://issues.apache.org/jira/browse/YARN-5280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15862157#comment-15862157 ] 

Robert Kanter commented on YARN-5280:
-------------------------------------

The 006 patch looks mostly good to me.  My only remaining concern is with the regexes in {{NMContainerPolicyUtils}}.  It would be good to have some tests that specifically verify the regexes with some reasonable positive and negative cases.  

I'm also wondering if there's some way a malicious user could trick it (I might not be following the regexes correctly here so feel free to let me know if something like this can't actually happen).  For example, if we're removing "java", and you have "/evil/jajavava", it's going to become "/evil/java".



> Allow YARN containers to run with Java Security Manager
> -------------------------------------------------------
>
>                 Key: YARN-5280
>                 URL: https://issues.apache.org/jira/browse/YARN-5280
>             Project: Hadoop YARN
>          Issue Type: New Feature
>          Components: nodemanager, yarn
>    Affects Versions: 2.6.4
>            Reporter: Greg Phillips
>            Assignee: Greg Phillips
>            Priority: Minor
>              Labels: oct16-medium
>         Attachments: YARN-5280.001.patch, YARN-5280.002.patch, YARN-5280.003.patch, YARN-5280.004.patch, YARN-5280.005.patch, YARN-5280.006.patch, YARN-5280.patch, YARNContainerSandbox.pdf
>
>
> YARN applications have the ability to perform privileged actions which have the potential to add instability into the cluster. The Java Security Manager can be used to prevent users from running privileged actions while still allowing their core data processing use cases. 
> Introduce a YARN flag which will allow a Hadoop administrator to enable the Java Security Manager for user code, while still providing complete permissions to core Hadoop libraries.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org