[
https://issues.apache.org/jira/browse/MAPREDUCE-5475?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jason Lowe reopened MAPREDUCE-5475:
-----------------------------------
Reverting this again... With YARN-707 users can see their own jobs again, but
other users can still kill them because the token user is always the app
submitter, and the AM sees all authenticated client connections coming from
that user.
> MRClientService does not verify ACLs properly
> ---------------------------------------------
>
> Key: MAPREDUCE-5475
> URL: https://issues.apache.org/jira/browse/MAPREDUCE-5475
> Project: Hadoop Map/Reduce
> Issue Type: Bug
> Components: mr-am, mrv2
> Affects Versions: 2.0.4-alpha, 0.23.9
> Reporter: Jason Lowe
> Assignee: Jason Lowe
> Priority: Blocker
> Fix For: 2.1.1-beta
>
> Attachments: MAPREDUCE-5475.branch-0.23.patch, MAPREDUCE-5475.patch
>
>
> When MRClientService receives requests, it calls verifyAndGetJob which does
> not actually validate that the current user has the proper access.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
