You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "longfei (JIRA)" <ji...@apache.org> on 2019/07/03 07:06:00 UTC
[jira] [Assigned] (MESOS-9876) Use geteuid to determine subprocess'
user when launching task.
[ https://issues.apache.org/jira/browse/MESOS-9876?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
longfei reassigned MESOS-9876:
------------------------------
Assignee: longfei
> Use geteuid to determine subprocess' user when launching task.
> --------------------------------------------------------------
>
> Key: MESOS-9876
> URL: https://issues.apache.org/jira/browse/MESOS-9876
> Project: Mesos
> Issue Type: Improvement
> Reporter: longfei
> Assignee: longfei
> Priority: Major
>
> I have to run mesos-agent as root(or some user with root privilege) to isolate tasks' execution environment. For security, we
> # chmod +s to mesos-agent and then run it as some user A(We'll ssh as user A to do some ops, but NOT every has root privilege.).
> # use --switch_user to restrict tasks' capabilities(e.g. "rm -rf /" is not allowed).
> The problem is that if we set CommandInfo.User to A(the same one running mesos-agent), the check in MesosContainerizerLaunch::execute()
> {code:java}
> if(uid.get() != os::getuid().get()){
> // some code
> }{code}
> will always be false. As a result, all subprocesses will run as root.
> So I suggest that we use geteuid here to replace getuid, namely
> {code:java}
> if (uid.get() != ::geteuid()){
> // some code
> }
> {code}
>
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)