[
https://issues.apache.org/jira/browse/HDDS-1712?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16886351#comment-16886351
]
Elek, Marton commented on HDDS-1712:
------------------------------------
1. Feel free to upload two patches. As in HDDS-1799, we can commit them in the
right order. But we need full fix. If the patches are committed in the right
order, all the examples, tests, cluster definitions should work well and they
shouldb't be broken. That's exactly the same requirement what HDDS-1799 has.
2. grep for OZONE-SITE instead of CORE-SITE? The workflow is very similar to
the docker-compose clusters just using kubernetes configmap instead of env
files.
If I understood well we can agree that the mentioned statement was not true and
kubernetes examples doesn't use replication factor 1.
> Remove sudo access from Ozone docker image
> ------------------------------------------
>
> Key: HDDS-1712
> URL: https://issues.apache.org/jira/browse/HDDS-1712
> Project: Hadoop Distributed Data Store
> Issue Type: Bug
> Reporter: Eric Yang
> Assignee: Eric Yang
> Priority: Major
> Labels: pull-request-available
> Attachments: HDDS-1712.001.patch
>
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> Ozone docker image is given unlimited sudo access to hadoop user. This poses
> a security risk where host level user uid 1000 can attach a debugger to the
> container process to obtain root access.
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
