[jira] [Commented] (MAPREDUCE-4572) Can not access user logs - Jetty is not configured by default to serve aliases/symlinks

Tue, 28 Aug 2012 13:23:10 -0700 

    [ 
https://issues.apache.org/jira/browse/MAPREDUCE-4572?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13443490#comment-13443490
 ] 

Ahmed Radwan commented on MAPREDUCE-4572:
-----------------------------------------

Sorry for the confusion in the description, it is the TaskTracker /logs 
servlet. I see your points and understand your concerns. As you know, 
MAPREDUCE-2415 introduced these new design changes and symlinks. So with this 
new design, and without this patch, these symlinks in userlogs are not longer 
served. I agree that the use of symlinks and the way of serving them need to be 
revisited in a more generic way.

Regarding this ticket, what do you think about amending the current patch to 
have this "aliases serving" disabled by default, and also amending the docs for 
this added property to highlight these security considerations. 

This seems sufficient since we are relying on the admin to explicitly enable 
this property. Additionally, this servlet is admin authorized, so normal or 
malicious users won't have access, and won't be able to view unauthorized 
contents through this servlet. What do you think?

                
> Can not access user logs - Jetty is not configured by default to serve 
> aliases/symlinks
> ---------------------------------------------------------------------------------------
>
>                 Key: MAPREDUCE-4572
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-4572
>             Project: Hadoop Map/Reduce
>          Issue Type: Bug
>          Components: tasktracker, webapps
>    Affects Versions: 1.0.0
>            Reporter: Ahmed Radwan
>            Assignee: Ahmed Radwan
>             Fix For: 1.2.0, 2.2.0-alpha
>
>         Attachments: MAPREDUCE-4572.patch, MAPREDUCE-4572_trunk.patch
>
>
> The task log servlet can no longer access user logs because MAPREDUCE-2415 
> introduce symlinks to the logs and jetty is not configured by default to 
> serve symlinks. 

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to