[
https://issues.apache.org/jira/browse/HADOOP-4490?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12654477#action_12654477
]
Owen O'Malley commented on HADOOP-4490:
---------------------------------------
>From what I've heard, running under a security manager kills performance,
>which is pretty much a non-starter. Especially given that we need unix-level
>security anyways. In our environment, running as the real user is important.
>If I run a job, I should not be able to look at or kill your job's data or
>tasks, even if we are sharing a machine. Of course this feature needs to be
>optional, since:
1. It requires that all cluster users have accounts on all slave nodes in the
cluster
2. It requires native code that may not work on all platforms
3. It requires root access, which not all Hadoop admins have.
> Map and Reduce tasks should run as the user who submitted the job
> -----------------------------------------------------------------
>
> Key: HADOOP-4490
> URL: https://issues.apache.org/jira/browse/HADOOP-4490
> Project: Hadoop Core
> Issue Type: Sub-task
> Components: mapred, security
> Reporter: Arun C Murthy
> Assignee: Hemanth Yamijala
>
> Currently the TaskTracker spawns the map/reduce tasks, resulting in them
> running as the user who started the TaskTracker.
> For security and accounting purposes the tasks should be run as the job-owner.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
