[
https://issues.apache.org/jira/browse/HDDS-1712?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16887393#comment-16887393
]
Anu Engineer commented on HDDS-1712:
------------------------------------
{quote}[~anu] Doesn't Ozone quick start guide refer to use docker-compose to
start the cluster? This
{quote}
It does not; that examples also say you can start a cluster on your laptop and
you can run the process inside a single docker container. Those are for people
who are wondering what Ozone is?. Those are not instructions for the real
product. As usual, you are getting confused between the real product and
documentation examples.
> Remove sudo access from Ozone docker image
> ------------------------------------------
>
> Key: HDDS-1712
> URL: https://issues.apache.org/jira/browse/HDDS-1712
> Project: Hadoop Distributed Data Store
> Issue Type: Bug
> Reporter: Eric Yang
> Assignee: Eric Yang
> Priority: Major
> Labels: pull-request-available
> Attachments: HDDS-1712.001.patch
>
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> Ozone docker image is given unlimited sudo access to hadoop user. This poses
> a security risk where host level user uid 1000 can attach a debugger to the
> container process to obtain root access.
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
