You are viewing a plain text version of this content. The canonical link for it is here.

Posted to yarn-issues@hadoop.apache.org by "Eric Yang (JIRA)" <ji...@apache.org> on 2018/10/01 23:02:00 UTC

[jira] [Created] (YARN-8838) Add security check for container user is same as websocket user

Eric Yang created YARN-8838:
-------------------------------

             Summary: Add security check for container user is same as websocket user
                 Key: YARN-8838
                 URL: https://issues.apache.org/jira/browse/YARN-8838
             Project: Hadoop YARN
          Issue Type: Sub-task
          Components: nodemanager
            Reporter: Eric Yang


When user is authenticate via SPNEGO entry point, node manager must verify the remote user is the same as the container user to start the web socket session.  One possible solution is to verify the web request user matches yarn container local directory owne during onWebSocketConnect..



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org