[jira] [Commented] (MESOS-6504) Use 'geteuid()' for the root privileges check.

Avinash Sridharan (JIRA) Fri, 06 Jan 2017 22:48:07 -0800

    [ 
https://issues.apache.org/jira/browse/MESOS-6504?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15806960#comment-15806960
 ]


Avinash Sridharan commented on MESOS-6504:
------------------------------------------

[~gilbert] [~jieyu] will be able to finish this in the coming sprint? If not we 
should move it out of the sprint.

> Use 'geteuid()' for the root privileges check.
> ----------------------------------------------
>
>                 Key: MESOS-6504
>                 URL: https://issues.apache.org/jira/browse/MESOS-6504
>             Project: Mesos
>          Issue Type: Bug
>          Components: isolation
>            Reporter: Gilbert Song
>            Assignee: Gilbert Song
>              Labels: backend, isolator, mesosphere, user
>
> Currently, parts of code in Mesos check the root privileges using os::user() 
> to compare to "root", which is not sufficient, since it compares the real 
> user. When people change the mesos binary by 'setuid root', the process may 
> not have the right permission to execute.
> We should check the effective user id instead in our code. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (MESOS-6504) Use 'geteuid()' for the root privileges check.

Reply via email to