You are viewing a plain text version of this content. The canonical link for it is here.

Posted to mapreduce-issues@hadoop.apache.org by "Todd Lipcon (JIRA)" <ji...@apache.org> on 2011/03/08 22:00:59 UTC

[jira] Created: (MAPREDUCE-2371) TaskLogsTruncater does not need to check log ownership when running as Child

TaskLogsTruncater does not need to check log ownership when running as Child
----------------------------------------------------------------------------

                 Key: MAPREDUCE-2371
                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-2371
             Project: Hadoop Map/Reduce
          Issue Type: Improvement
    Affects Versions: 0.23.0
            Reporter: Todd Lipcon
            Assignee: Todd Lipcon
             Fix For: 0.23.0


Before MAPREDUCE-2178, it used to be that the TaskLogsTruncater had to use the SecureIO API to open the task logs before truncation, to avoid an attack where the user would symlink in something that the TT had access to but not the user. After MAPREDUCE-2178, this truncation is done as the user rather than as the TT, so we don't need to perform this check.

Not performing the check avoids a fork() call which we've found to be troublesome since it doubles vmem consumption and thus requires that users bump mapred.child.ulimit to >2x the expected child heap size.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] Updated: (MAPREDUCE-2371) TaskLogsTruncater does not need to check log ownership when running as Child

Posted by "Todd Lipcon (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/MAPREDUCE-2371?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Todd Lipcon updated MAPREDUCE-2371:
-----------------------------------

    Attachment: mapreduce-2371-on-0.20.txt

Here's a prelim patch for this (not cluster tested yet). It applies against an 0.20 security branch, since MAPREDUCE-2178 isn't available for trunk yet.

> TaskLogsTruncater does not need to check log ownership when running as Child
> ----------------------------------------------------------------------------
>
>                 Key: MAPREDUCE-2371
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-2371
>             Project: Hadoop Map/Reduce
>          Issue Type: Improvement
>    Affects Versions: 0.23.0
>            Reporter: Todd Lipcon
>            Assignee: Todd Lipcon
>             Fix For: 0.23.0
>
>         Attachments: mapreduce-2371-on-0.20.txt
>
>
> Before MAPREDUCE-2178, it used to be that the TaskLogsTruncater had to use the SecureIO API to open the task logs before truncation, to avoid an attack where the user would symlink in something that the TT had access to but not the user. After MAPREDUCE-2178, this truncation is done as the user rather than as the TT, so we don't need to perform this check.
> Not performing the check avoids a fork() call which we've found to be troublesome since it doubles vmem consumption and thus requires that users bump mapred.child.ulimit to >2x the expected child heap size.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira