Github user arunmahadevan commented on the issue:
https://github.com/apache/storm/pull/2721
Unless `supervisor.run.worker.as.user` is set, the worker process runs as the
"storm" user. I guess the supervisor should always check "if all processes are
dead" by just looking at whether the worker pids are alive rather than doing a user
comparison, since there is no mapping between the user that launched the topology (e.g.
Kerberos user) and the actual OS user that the worker is running as (this is always
storm). In the "run as user" container the "kill" command is launched by
switching to the OS user that the worker is actually running as here -
https://github.com/apache/storm/blob/1.x-branch/storm-core/src/jvm/org/apache/storm/daemon/supervisor/RunAsUserContainer.java#L55
and that should take care of the security.
---