You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "Yan Xu (JIRA)" <ji...@apache.org> on 2016/08/24 21:52:20 UTC
[jira] [Comment Edited] (MESOS-5081) Posix disk isolator allows
unrestricted sandbox disk usage if the executor/task doesn't specify disk
resource
[ https://issues.apache.org/jira/browse/MESOS-5081?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15435771#comment-15435771 ]
Yan Xu edited comment on MESOS-5081 at 8/24/16 9:51 PM:
--------------------------------------------------------
Is it possible for tasks to run shell commands with the command executor and with stdout/stderr forwarded to the container logger? I guess so right? Do we want to disallow that?
was (Author: xujyan):
Is it possible for tasks to run shell commands with the command executor and with stdout/stderr forwarded to the container logger? I guess so right? Do we want to disallow prevent that?
> Posix disk isolator allows unrestricted sandbox disk usage if the executor/task doesn't specify disk resource
> -------------------------------------------------------------------------------------------------------------
>
> Key: MESOS-5081
> URL: https://issues.apache.org/jira/browse/MESOS-5081
> Project: Mesos
> Issue Type: Bug
> Components: containerization
> Reporter: Yan Xu
> Labels: mesosphere
>
> This is the case even if {{flags.enforce_container_disk_quota}} is true. When a task/executor doesn't specify a disk resource, it still gets to write to the container sandbox. However the posix disk isolator doesn't limit it.
> Even though tasks always have access to the sandbox, it should be able to write zero bytes if it doesn't have any {{disk}} resource (it can still touch files). This likely will cause tasks to immediately fail due to stdout/stderr/executor download, etc. but should be the correct behavior (when {{flags.enforce_container_disk_quota}} is true).
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)