[
https://issues.apache.org/jira/browse/HDDS-1712?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16877347#comment-16877347
]
Anu Engineer commented on HDDS-1712:
------------------------------------
It was a bug that is fixed. Why will I change my code for an already fixed bug
in some other products code base? if that is so; Ozone and Hadoop will have to
write special code for all known CVE. I am sure you understand how insane that
is.
So unless you can show me a real issue, I don't want to commit this.
> Remove sudo access from Ozone docker image
> ------------------------------------------
>
> Key: HDDS-1712
> URL: https://issues.apache.org/jira/browse/HDDS-1712
> Project: Hadoop Distributed Data Store
> Issue Type: Bug
> Reporter: Eric Yang
> Assignee: Eric Yang
> Priority: Major
> Attachments: HDDS-1712.001.patch
>
>
> Ozone docker image is given unlimited sudo access to hadoop user. This poses
> a security risk where host level user uid 1000 can attach a debugger to the
> container process to obtain root access.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
