[
https://issues.apache.org/jira/browse/BIGTOP-1050?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sean Mackrory updated BIGTOP-1050:
----------------------------------
Attachment: 0001-BIGTOP-1050.-Permission-on-YARN-LCE-should-be-4750.patch
I just tried it out with 4750 and it worked well. Not having the 4 bit, as you
point out, achieves no additional security, but at least it works :)
Thoughts?
> Permissions on YARN LCE should be 4754
> --------------------------------------
>
> Key: BIGTOP-1050
> URL: https://issues.apache.org/jira/browse/BIGTOP-1050
> Project: Bigtop
> Issue Type: Bug
> Reporter: Sean Mackrory
> Assignee: Sean Mackrory
> Priority: Blocker
> Fix For: 0.8.0
>
> Attachments:
> 0001-BIGTOP-1050.-Permission-on-YARN-LCE-should-be-4750.patch,
> 0001-BIGTOP-1050.-Permissions-on-YARN-LCE-should-be-4754.patch
>
>
> The permissions we set for the YARN container executor are not exactly
> correct and are different from what we used to set for the MRv1 task
> containers. The requirements for the permissions are as follows:
> * Readable/executable by the group
> * Not executable by others
> * Not writable by others
> * Set UID
> * Owned by root
> I've tested this in YARN and have tested that I can still submit and run jobs
> successfully with these new permissions. This is somewhat second-hand
> information, so I'll CC [~atm] in case I've missed any important details or
> context...
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
