You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ambari.apache.org by "Andrew Onischuk (JIRA)" <ji...@apache.org> on 2015/05/21 17:59:17 UTC

[jira] [Created] (AMBARI-11307) Non-secure clusters should not install the linux task controller

Andrew Onischuk created AMBARI-11307:
----------------------------------------

             Summary: Non-secure clusters should not install the linux task controller
                 Key: AMBARI-11307
                 URL: https://issues.apache.org/jira/browse/AMBARI-11307
             Project: Ambari
          Issue Type: Bug
            Reporter: Andrew Onischuk
            Assignee: Andrew Onischuk
             Fix For: 2.1.0


In insecure clusters, all user code runs as mapred. With our default insecure
install, the setuid to root linux task controller provides mapred with the
ability to run processes as any user. The combination of these is bad. I think
we should separate out the setuid executable to a separate rpm that is only
installed on secure clusters.





--
This message was sent by Atlassian JIRA
(v6.3.4#6332)