[jira] [Commented] (YARN-5836) Malicious AM can kill containers of other apps running in any node its containers are running

Wed, 16 Nov 2016 14:42:14 -0800 

    [ 
https://issues.apache.org/jira/browse/YARN-5836?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15671904#comment-15671904
 ] 

Hudson commented on YARN-5836:
------------------------------

SUCCESS: Integrated in Jenkins build Hadoop-trunk-Commit #10849 (See 
[https://builds.apache.org/job/Hadoop-trunk-Commit/10849/])
YARN-5836. Malicious AM can kill containers of other apps running in any 
(jlowe: rev 59bfcbf3579e45ddf96db3aafccf669c8e03648f)
* (edit) 
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/test/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/TestContainerManager.java
* (edit) 
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/ContainerManagerImpl.java
* (edit) 
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/test/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/BaseContainerManagerTest.java
* (edit) 
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/test/java/org/apache/hadoop/yarn/server/nodemanager/TestContainerManagerWithLCE.java


> Malicious AM can kill containers of other apps running in any node its 
> containers are running
> ---------------------------------------------------------------------------------------------
>
>                 Key: YARN-5836
>                 URL: https://issues.apache.org/jira/browse/YARN-5836
>             Project: Hadoop YARN
>          Issue Type: Bug
>          Components: nodemanager
>            Reporter: Botong Huang
>            Assignee: Botong Huang
>            Priority: Minor
>         Attachments: YARN-5836.v1.patch, YARN-5836.v2.patch
>
>   Original Estimate: 5h
>  Remaining Estimate: 5h
>
> When AM calls NM via {{ContainerManagementProtocol}}, the NMToken is suppied 
> for authentication. The RPC server will verify the password of NMToken 
> (originally generated by RM) so that we know the content of NMTokenIdentifier 
> is geniune. 
> Next, for {{stopContainers()}} and {{getContainerStatus()}}, method 
> {{authorizeGetAndStopContainerRequest()}} is used to verify that the requsted 
> containers do belong to the AM by comparing them against the AppId in 
> NMTokenIdentifier. However, right now when the appId doesn't match, 
> {{authorizeGetAndStopContainerRequest()}} only log a warning message and 
> continues to kill the container... Overall a malicious AM can kill containers 
> of other apps running in any node its containers are running. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to