[https://issues.apache.org/jira/browse/YARN-5280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15865949#comment-15865949]
Greg Phillips commented on YARN-5280:
-------------------------------------
[~rkanter] - Thanks for your insights. I have added tests for every regex
which demonstrate positive/negative cases. Additionally, the patterns have been
modified to ensure the passed command will instantiate a JVM.
Application submitters are still able to provide arbitrary commands to launch
the ApplicationMaster. If they provide a command which doesn't use java it will
be blocked in 'enforcing' mode. Otherwise they could potentially call any
version of java which exists on the system where the Application Master is
allocated (including /evil/java).
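A worked illustration of the enforcing/permissive launch-command check the comment describes, added here as an example; it is not code from the YARN-5280 patches, and the regex, the JAVA_HOME value, the policy path and all function names are constructed for this example. It also goes one step beyond the comment: besides requiring that the first executable in the command instantiates a JVM (the comment's check, with positive and negative cases), it refuses absolute JVM paths outside the assumed trusted JAVA_HOME (the /evil/java case the comment leaves open) and rejects user-supplied java.security.* properties, since a later -D definition on the java command line overrides an earlier one and would silently replace the injected Security Manager settings.

```python
import re
import shlex
from dataclasses import dataclass
from typing import List, Optional

# Constructed configuration values for this example (not from the YARN patches).
TRUSTED_JAVA_HOME = "/usr/lib/jvm/java-8"           # assumed NodeManager JAVA_HOME
POLICY_FILE = "/var/run/yarn/sandbox/java.policy"   # assumed per-container policy file

# Environment assignments may precede the executable (FOO=bar java ...).
ENV_ASSIGNMENT = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*=")

# A token that instantiates a JVM: bare "java", $JAVA_HOME/bin/java (with or
# without braces), or an absolute path whose last component is "java".
# Constructed pattern; the real patch defines its own regexes.
JAVA_EXEC = re.compile(r"^(?:java|\$\{?JAVA_HOME\}?/bin/java|(?:/[^/\s]+)+/java)$")


@dataclass
class Verdict:
    allowed: bool
    reason: str
    rewritten: Optional[List[str]] = None   # command with sandbox flags injected


def _first_executable(tokens: List[str]) -> Optional[int]:
    """Index of the first token that is not an env assignment, or None."""
    for i, tok in enumerate(tokens):
        if not ENV_ASSIGNMENT.match(tok):
            return i
    return None


def java_path_is_trusted(exe: str) -> bool:
    """Bare/$JAVA_HOME forms resolve to the NodeManager's JVM (assumed to be set
    in the container environment); an absolute path must be that same binary."""
    if not exe.startswith("/"):
        return True
    return exe == TRUSTED_JAVA_HOME + "/bin/java"


def _deny_or_log(mode: str, reason: str) -> Verdict:
    """'enforcing' blocks the launch; 'permissive' only records the finding."""
    if mode == "enforcing":
        return Verdict(False, reason)
    return Verdict(True, "permissive (logged only): " + reason)


def check_launch_command(command: str, mode: str = "enforcing") -> Verdict:
    """Validate an ApplicationMaster launch command and, for JVM launches,
    inject the Security Manager flags directly after the java executable."""
    tokens = shlex.split(command)
    idx = _first_executable(tokens)
    if idx is None:
        return Verdict(False, "empty command")
    exe = tokens[idx]

    if not JAVA_EXEC.match(exe):
        verdict = _deny_or_log(mode, f"executable {exe!r} does not instantiate a JVM")
        verdict.rewritten = tokens if verdict.allowed else None
        return verdict
    if not java_path_is_trusted(exe):
        return _deny_or_log(mode, f"JVM path {exe!r} is outside {TRUSTED_JAVA_HOME}")
    for tok in tokens[idx + 1:]:
        # Later -D definitions win, so a user-supplied java.security.* property
        # would override the flags injected below.
        if tok.startswith("-Djava.security."):
            return _deny_or_log(mode, f"user option {tok!r} would override the sandbox settings")

    injected = ["-Djava.security.manager", f"-Djava.security.policy={POLICY_FILE}"]
    rewritten = tokens[: idx + 1] + injected + tokens[idx + 1:]
    return Verdict(True, "JVM launch; Security Manager enabled", rewritten)


if __name__ == "__main__":
    # Constructed sample commands covering the positive and negative cases.
    samples = [
        "java -Xmx1g -cp app.jar com.example.AppMaster",
        "${JAVA_HOME}/bin/java -cp app.jar Main",
        "JAVA_TOOL_OPTIONS=-Xmx1g java Main",
        "/usr/lib/jvm/java-8/bin/java -cp app.jar Main",
        "/evil/java -cp app.jar Main",
        "/bin/bash -c 'echo hi'",
        "java -Djava.security.policy=/tmp/open.policy Main",
    ]
    for mode in ("enforcing", "permissive"):
        for cmd in samples:
            v = check_launch_command(cmd, mode)
            print(f"[{mode}] {'ALLOW' if v.allowed else 'BLOCK'}: {cmd!r} -> {v.reason}")
```

The injected flags are placed immediately after the java executable so that the policy file is the one the NodeManager chose; rejecting user tokens that start with `-Djava.security.` is what keeps that choice from being overridden further along the same command line.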
> Allow YARN containers to run with Java Security Manager
> -------------------------------------------------------
>
> Key: YARN-5280
> URL: https://issues.apache.org/jira/browse/YARN-5280
> Project: Hadoop YARN
> Issue Type: New Feature
> Components: nodemanager, yarn
> Affects Versions: 2.6.4
> Reporter: Greg Phillips
> Assignee: Greg Phillips
> Priority: Minor
> Labels: oct16-medium
> Attachments: YARN-5280.001.patch, YARN-5280.002.patch,
> YARN-5280.003.patch, YARN-5280.004.patch, YARN-5280.005.patch,
> YARN-5280.006.patch, YARN-5280.007.patch, YARN-5280.patch,
> YARNContainerSandbox.pdf
>
>
> YARN applications have the ability to perform privileged actions which have
> the potential to add instability into the cluster. The Java Security Manager
> can be used to prevent users from running privileged actions while still
> allowing their core data processing use cases.
> Introduce a YARN flag which will allow a Hadoop administrator to enable the
> Java Security Manager for user code, while still providing complete
> permissions to core Hadoop libraries.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)