You are viewing a plain text version of this content. The canonical link for it is here.

Posted to mapreduce-dev@hadoop.apache.org by "Vinod Kumar Vavilapalli (JIRA)" <ji...@apache.org> on 2011/07/29 05:44:09 UTC

[jira] [Created] (MAPREDUCE-2743) [MR-279] [Security] AM should not be able to abuse container tokens for repetitive container launches

[MR-279] [Security] AM should not be able to abuse container tokens for repetitive container launches
-----------------------------------------------------------------------------------------------------

                 Key: MAPREDUCE-2743
                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-2743
             Project: Hadoop Map/Reduce
          Issue Type: Bug
          Components: mrv2
            Reporter: Vinod Kumar Vavilapalli
            Assignee: Vinod Kumar Vavilapalli
             Fix For: 0.23.0


ApplicationMaster should not be able to store container tokens and use the same set of tokens for repetitive container launches. The possibility of such abuse is there in the current code, we need to fix this.

A cache of recent containers on the NM along with container token expiry time should solve this.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Resolved] (MAPREDUCE-2743) [MR-279] [Security] AM should not be able to abuse container tokens for repetitive container launches

Posted by "Vinod Kumar Vavilapalli (Resolved) (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/MAPREDUCE-2743?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Vinod Kumar Vavilapalli resolved MAPREDUCE-2743.
------------------------------------------------

    Resolution: Duplicate

I am fixing this as part of MAPREDUCE-3256. One less blocker :)
                
> [MR-279] [Security] AM should not be able to abuse container tokens for repetitive container launches
> -----------------------------------------------------------------------------------------------------
>
>                 Key: MAPREDUCE-2743
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-2743
>             Project: Hadoop Map/Reduce
>          Issue Type: Sub-task
>          Components: mrv2, nodemanager, security
>    Affects Versions: 0.23.0
>            Reporter: Vinod Kumar Vavilapalli
>            Assignee: Vinod Kumar Vavilapalli
>            Priority: Blocker
>             Fix For: 0.23.0
>
>
> ApplicationMaster should not be able to store container tokens and use the same set of tokens for repetitive container launches. The possibility of such abuse is there in the current code, we need to fix this.
> A cache of recent containers on the NM along with container token expiry time should solve this.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira