[
https://issues.apache.org/jira/browse/HADOOP-3578?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12699540#action_12699540
]
Owen O'Malley commented on HADOOP-3578:
---------------------------------------
I think the direction is right.
In terms of your questions:
1. I'd put an upper bound of 5mb on the job conf.
2. We probably should save each of the input split ranges in a separate file,
until we have append working right.
3. If they haven't finished their job submission in 1 hour, I'd remove it.
4. I wouldn't worry about this case. It is unlikely an authorized user will
DDOS the job tracker. If they want to there are more interesting approaches.
> mapred.system.dir should be accessible only to hadoop daemons
> --------------------------------------------------------------
>
> Key: HADOOP-3578
> URL: https://issues.apache.org/jira/browse/HADOOP-3578
> Project: Hadoop Core
> Issue Type: Bug
> Components: mapred
> Reporter: Amar Kamat
> Assignee: Amar Kamat
>
> Currently the jobclient accesses the {{mapred.system.dir}} to add job
> details. Hence the {{mapred.system.dir}} has the permissions of
> {{rwx-wx-wx}}. This could be a security loophole where the job files might
> get overwritten/tampered after the job submission.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
