[jira] [Commented] (MESOS-6027) Executor stdout/stderr should not be world-readable

Fri, 12 Aug 2016 00:59:42 -0700 

    [ 
https://issues.apache.org/jira/browse/MESOS-6027?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15418490#comment-15418490
 ] 

Gaojin CAO commented on MESOS-6027:
-----------------------------------

hi [~adam-mesos], it seems the ownship of std{err,out} is alway `root`, what's 
ur mesos version?
i've tried both with Open DC/OS 1.7 and master branch, and I'm using marathon 
to create the job

{code}
{
  "id": "cgj",
    "cmd": "sh -c 'whoami && ls -l && sleep 1001'",
    "cpus": 1,
    "mem": 128,
    "disk": 0,
    "instances": 1,
    "user": "nobody"
}
{code}

here's the content of `stdout`:

{code}
Registered executor on 10.132.46.85
Starting task cgj.99f1493c-606c-11e6-b300-720c8ba0b31a
Forked command at 12170
sh -c 'sh -c 'whoami && ls -l && sleep 1001''
nobody
total 16
-rw-r--r-- 1 root root 169 Aug 12 05:09 stderr
-rw-r--r-- 1 root root 248 Aug 12 05:09 stderr.logrotate.conf
-rw-r--r-- 1 root root 168 Aug 12 05:09 stdout
-rw-r--r-- 1 root root 248 Aug 12 05:09 stdout.logrotate.conf
{code}

however, the sanbox's ownship is right
{code}
[root@slave-2 ~]# ll  
/var/lib/mesos/slave/slaves/622bee04-0f66-48be-adde-530c3eff37fd-S2/frameworks/768e36e6-cb49-4b28-8ae7-1064e5bab06a-0000/executors/cgj.99f1493c-606c-11e6-b300-720c8ba0b31a/runs/
total 4
drwxr-xr-x 2 nobody nobody  88 Aug 12 05:09 8ad396c6-0e22-4753-b465-c1cc01b8363a
lrwxrwxrwx 1 root   root   213 Aug 12 05:09 latest -> 
/var/lib/mesos/slave/slaves/622bee04-0f66-48be-adde-530c3eff37fd-S2/frameworks/768e36e6-cb49-4b28-8ae7-1064e5bab06a-0000/executors/cgj.99f1493c-606c-11e6-b300-720c8ba0b31a/runs/8ad396c6-0e22-4753-b465-c1cc01b8363a
{code}

even more, when using master branch mesos, when i pass whatever user except 
`root` the task will fail, am i missing something?

> Executor stdout/stderr should not be world-readable
> ---------------------------------------------------
>
>                 Key: MESOS-6027
>                 URL: https://issues.apache.org/jira/browse/MESOS-6027
>             Project: Mesos
>          Issue Type: Bug
>            Reporter: Adam B
>            Assignee: Gaojin CAO
>              Labels: newbie, security
>
> Running a task as 'nobody':
> {code}
> sh -c 'whoami && ls -l && sleep 1001'
> nobody
> -rw-r--r--. 1 nobody nobody 2199 Jul  7 00:12 stderr
> -rw-r--r--. 1 nobody nobody  208 Jul  7 00:12 stdout
> {code}
> As a user of a multi-tenant Mesos, I would expect my task logs to be 
> inaccessible to other users/tasks on the same node. Filesystem isolation 
> helps from one angle, but basic Linux filesystem permissions are just good 
> practice.
> There's no reason that any user other than the task user (i.e. the task 
> itself) and root (e.g. Mesos agent) should be able to access these logs.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to