[
https://issues.apache.org/jira/browse/MAPREDUCE-1418?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12853840#action_12853840
]
Hemanth Yamijala commented on MAPREDUCE-1418:
---------------------------------------------
bq. I don't see any special validation done for the method kill_user_task() in
task-controller.
This is a valid concern. We have checks in place to prevent this from
happening, but those same checks actually protect against the relative paths as
well. Hence, in a sense this JIRA will be moot given the same assumptions.
Since this JIRA is specifically focused on protecting against relative path
usage, I propose we stick to the course taken by the patch, and fix the kill
issue in a follow-up. Thoughts ?
> LinuxTaskController binary misses validation of arguments passed for relative
> components in some cases.
> -------------------------------------------------------------------------------------------------------
>
> Key: MAPREDUCE-1418
> URL: https://issues.apache.org/jira/browse/MAPREDUCE-1418
> Project: Hadoop Map/Reduce
> Issue Type: Bug
> Components: security, tasktracker
> Reporter: Vinod K V
> Assignee: Hemanth Yamijala
> Attachments: MAPREDUCE-1418.patch
>
>
> The function {{int check_path_for_relative_components(char * path)}} should
> be used to validate the absence of relative components before any operation
> is done on those paths. This is missed in all the {{initialize*()}}
> functions, as Hemanth pointed out offline.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
