[
https://issues.apache.org/jira/browse/YARN-617?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13658813#comment-13658813
]
Omkar Vinit Joshi commented on YARN-617:
----------------------------------------
Thanks vinod..
bq. ContainerManager.getContainerTokenIdentifier should be changed to throw
only YarnRemoteException, we only throw that at the YARN layer
Fixed ..using RPCUtil.getRemoteException
bq. I still don't understand the DEL changes in TestNodeManagerReboot. You
haven't given any explanation. Don't think they are needed.
My bad... I had reverted the change ..but there were formatting issues which
showed up in diff.. Fixed..
> In unsercure mode, AM can fake resource requirements
> -----------------------------------------------------
>
> Key: YARN-617
> URL: https://issues.apache.org/jira/browse/YARN-617
> Project: Hadoop YARN
> Issue Type: Sub-task
> Reporter: Vinod Kumar Vavilapalli
> Assignee: Omkar Vinit Joshi
> Priority: Minor
> Attachments: YARN-617.20130501.1.patch, YARN-617.20130501.patch,
> YARN-617.20130502.patch, YARN-617-20130507.patch, YARN-617.20130508.patch,
> YARN-617-20130513.patch, YARN-617-20130515.patch
>
>
> Without security, it is impossible to completely avoid AMs faking resources.
> We can at the least make it as difficult as possible by using the same
> container tokens and the RM-NM shared key mechanism over unauthenticated
> RM-NM channel.
> In the minimum, this will avoid accidental bugs in AMs in unsecure mode.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
