You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Artem Harutyunyan (JIRA)" <ji...@apache.org> on 2017/01/07 00:41:59 UTC

[jira] [Updated] (MESOS-6504) Use 'geteuid()' for the root privileges check.

     [ https://issues.apache.org/jira/browse/MESOS-6504?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Artem Harutyunyan updated MESOS-6504:
-------------------------------------
    Sprint: Mesosphere Sprint 47, Mesosphere Sprint 48, Mesosphere Sprint 49  (was: Mesosphere Sprint 47, Mesosphere Sprint 48)

> Use 'geteuid()' for the root privileges check.
> ----------------------------------------------
>
>                 Key: MESOS-6504
>                 URL: https://issues.apache.org/jira/browse/MESOS-6504
>             Project: Mesos
>          Issue Type: Bug
>          Components: isolation
>            Reporter: Gilbert Song
>            Assignee: Gilbert Song
>              Labels: backend, isolator, mesosphere, user
>
> Currently, parts of code in Mesos check the root privileges using os::user() to compare to "root", which is not sufficient, since it compares the real user. When people change the mesos binary by 'setuid root', the process may not have the right permission to execute.
> We should check the effective user id instead in our code. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)