Jie Yu created MESOS-6391:

             Summary: Command task's sandbox should not be owned by root if it 
uses container image.
                 Key: MESOS-6391
                 URL: https://issues.apache.org/jira/browse/MESOS-6391
             Project: Mesos
          Issue Type: Bug
    Affects Versions: 1.0.1, 0.28.2
            Reporter: Jie Yu

Currently, is the task defines a container image, the command executor will be 
run under root because it needs to perform pivot_root.

That means if the task wants to run under an unprivileged user, the sandbox of 
that task will not be writable because it's owned by root.

This message was sent by Atlassian JIRA

Reply via email to