You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Gaojin CAO (JIRA)" <ji...@apache.org> on 2016/08/11 15:44:20 UTC

[jira] [Commented] (MESOS-6027) Executor stdout/stderr should not be world-readable

    [ https://issues.apache.org/jira/browse/MESOS-6027?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15417463#comment-15417463 ] 

Gaojin CAO commented on MESOS-6027:
-----------------------------------

[~adam-mesos], you mean we should make the outputs like these:
{code}
sh -c 'whoami && ls -l && sleep 1001'
nobody
-rw-r-----. 1 nobody nobody 2199 Jul  7 00:12 stderr
-rw-r-----. 1 nobody nobody  208 Jul  7 00:12 stdout
{code}
which means adding file permissions when creating std{err, out} files, am i right?

> Executor stdout/stderr should not be world-readable
> ---------------------------------------------------
>
>                 Key: MESOS-6027
>                 URL: https://issues.apache.org/jira/browse/MESOS-6027
>             Project: Mesos
>          Issue Type: Bug
>            Reporter: Adam B
>            Assignee: Gaojin CAO
>              Labels: newbie, security
>
> Running a task as 'nobody':
> {code}
> sh -c 'whoami && ls -l && sleep 1001'
> nobody
> -rw-r--r--. 1 nobody nobody 2199 Jul  7 00:12 stderr
> -rw-r--r--. 1 nobody nobody  208 Jul  7 00:12 stdout
> {code}
> As a user of a multi-tenant Mesos, I would expect my task logs to be inaccessible to other users/tasks on the same node. Filesystem isolation helps from one angle, but basic Linux filesystem permissions are just good practice.
> There's no reason that any user other than the task user (i.e. the task itself) and root (e.g. Mesos agent) should be able to access these logs.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)