Yellow elephant friends. Can I get a sponsor to review? I am chomping at the bit you know. I used all my free AI credits to make the "MUSL hadoop" logo. Got to get the PRS merged :
[image: output.jpg] On Fri, Jan 23, 2026 at 8:59 AM Edward Capriolo <[email protected]> wrote: > Hey friends, I have been busy. Please when you can take a look at these > things. The two related to my best friend "container executor" are c. IF > that scares you like it scared me I annotated the PR so it is hopefully > less scary. > > > Less vulnerabilities. a win for hadoop security! > https://github.com/apache/hadoop/pull/8188 > > Code is not portable and not correct. I annotated the PR with comments so > non c people can understand why > https://github.com/apache/hadoop/pull/8177 > > The owasp plugin (the thing that helps you detect vulnerable code) is old > and doesnt work > https://github.com/apache/hadoop/pull/8186 > > In my estimation the container executor has another leak, I also do not > see how it works at all with the premissions it sets, maybe everyone is > running foks or patches? The code is refined and you can see that the > method in question is not called during the test suite. hence my added tests > > https://github.com/apache/hadoop/pull/8184 > > >
