When using LinuxTaskController, localized files may become accessible to
unintended users if permissions are misconfigured.
---------------------------------------------------------------------------------------------------------------------------
Key: MAPREDUCE-899
URL: https://issues.apache.org/jira/browse/MAPREDUCE-899
Project: Hadoop Map/Reduce
Issue Type: Bug
Components: tasktracker
Reporter: Vinod K V
To enforce the accessibility of job files to only the job-owner and the
TaskTracker, as per MAPREDUCE-842, it is _trusted_ that the setuid/setgid
linux TaskController binary is group owned by a _special group_ to which only
TaskTracker belongs and not just any group to which TT belongs. If the trust is
broken, possibly due to misconfiguration by admins, the local files become
accessible to unintended users, yet giving false sense of security to the
admins.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
