[
https://issues.apache.org/jira/browse/HADOOP-3578?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12608031#action_12608031
]
Devaraj Das commented on HADOOP-3578:
-------------------------------------
The only potential issue with Owen's approach is in the case when the JT is
lagging behind in the move of user's jobdir to under the submit dir (maybe jobs
are getting submitted at a high rate), and the JT crashes, the users have to
clean up the respective jobdirs. In the case where the users write the job
stuff to a directory known to the JobTracker, this issue won't arise.. But
granted this issue may not happen that frequently..
> mapred.system.dir should be accessible only to hadoop daemons
> --------------------------------------------------------------
>
> Key: HADOOP-3578
> URL: https://issues.apache.org/jira/browse/HADOOP-3578
> Project: Hadoop Core
> Issue Type: Bug
> Components: mapred
> Reporter: Amar Kamat
>
> Currently the jobclient accesses the {{mapred.system.dir}} to add job
> details. Hence the {{mapred.system.dir}} has the permissions of
> {{rwx-wx-wx}}. This could be a security loophole where the job files might
> get overwritten/tampered after the job submission.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
