[ 
https://issues.apache.org/jira/browse/MAPREDUCE-896?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12785787#action_12785787
 ] 

Hemanth Yamijala commented on MAPREDUCE-896:
--------------------------------------------

Some comments on the C code and testcases:

- I feel secure_path is a better API name than change_permissions - any 
specific reason for the change ?
- The parameter 'secure' can be renamed 'check_ownership' to better reflect its 
intent.
- Why do we need check_group ?
- Please document the permissions being set in the comments describing 
enable_path_for_deletion, like is done for other methods like initialize_user.
- Typo in test case createFileAndSetPermissions ? a=rw should be a-rw  
- The error in TestLocalizationWithLinuxTaskController.testUserLocalization 
could be better fixed by refactoring the test cases in 
TestLocalizationWithLinuxTaskController and TestTaskTrackerLocalization as 
follows:
  Define a method canRun() in TestTaskTrackerLocalization and call it as the 
first statement in every test in TestTaskTrackerLocalization. Override this 
method in TestLocalizationWithLinuxTaskController to return 
ClusterWithLinuxTaskController.shouldRun(). Then we can stop overriding every 
test case in TestTaskTrackerLocalization
- It seems like we can write a test case for TaskRunner.setupWorkDir, if we 
ignore distributed cache files for now.

> Users can set non-writable permissions on temporary files for TT and can 
> abuse disk usage.
> ------------------------------------------------------------------------------------------
>
>                 Key: MAPREDUCE-896
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-896
>             Project: Hadoop Map/Reduce
>          Issue Type: Bug
>          Components: tasktracker
>    Affects Versions: 0.21.0
>            Reporter: Vinod K V
>            Assignee: Ravi Gummadi
>             Fix For: 0.21.0
>
>         Attachments: MR-896.patch, MR-896.v1.patch
>
>
> As of now, irrespective of the TaskController in use, TT itself does a full 
> delete on local files created by itself or job tasks. This step, depending 
> upon TT's umask and the permissions set by files by the user, for e.g in 
> job-work/task-work or child.tmp directories, may or may not go through 
> successful completion fully. Thus is left an opportunity for abusing disk 
> space usage either accidentally or intentionally by TT/users.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to