Jie Yu created MESOS-6391: ----------------------------- Summary: Command task's sandbox should not be owned by root if it uses container image. Key: MESOS-6391 URL: https://issues.apache.org/jira/browse/MESOS-6391 Project: Mesos Issue Type: Bug Affects Versions: 1.0.1, 0.28.2 Reporter: Jie Yu
Currently, is the task defines a container image, the command executor will be run under root because it needs to perform pivot_root. That means if the task wants to run under an unprivileged user, the sandbox of that task will not be writable because it's owned by root. -- This message was sent by Atlassian JIRA (v6.3.4#6332)