[
https://issues.apache.org/jira/browse/AURORA-1723?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15348869#comment-15348869
]
Renan DelValle commented on AURORA-1723:
----------------------------------------
This actually came up last year when I was working bringing custom executors to
Aurora. If recall correctly, the concern then was that since the executor runs
as root in most clusters, there is a risk that an arbitrary file downloaded
externally can cause some serious damage. Following this school of thought,
I've currently made any URI downloaded into the sandbox non-executable, but if
we decide that we should leave this up to the user I'm fine with that as well.
Maybe [~wfarner] can provide a better explanation and weigh in on this as well.
> Add support for Mesos Fetcher
> -----------------------------
>
> Key: AURORA-1723
> URL: https://issues.apache.org/jira/browse/AURORA-1723
> Project: Aurora
> Issue Type: Task
> Components: Scheduler
> Reporter: Renan DelValle
> Priority: Minor
> Labels: features
>
> Adding support for Aurora Tasks to be capable of using the [Mesos
> Fetcher|http://mesos.apache.org/documentation/latest/fetcher/] by allowing
> the client to provide arbitrary URIs at which resources can be retrieved.
> Resources will be marked non-executable to avoid security risks.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
