[
https://issues.apache.org/jira/browse/YARN-9442?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16904142#comment-16904142
]
Jim Brennan commented on YARN-9442:
-----------------------------------
[~eyang] read permission is needed for directory listing. execute permissions
would allow that group to access files in the directory where the files
themselves have appropriate permissions.
But I think all of the NM setup/access of the working directory is done as a
privileged operation, so the group read permissions are not needed for that.
> container working directory has group read permissions
> ------------------------------------------------------
>
> Key: YARN-9442
> URL: https://issues.apache.org/jira/browse/YARN-9442
> Project: Hadoop YARN
> Issue Type: Improvement
> Components: yarn
> Affects Versions: 3.2.2
> Reporter: Jim Brennan
> Assignee: Jim Brennan
> Priority: Minor
> Attachments: YARN-9442.001.patch, YARN-9442.002.patch,
> YARN-9442.003.patch
>
>
> Container working directories are currently created with permissions 0750,
> owned by the user and with the group set to the node manager group.
> Is there any reason why these directories need group read permissions?
> I have been testing with group read permissions removed and so far I haven't
> encountered any problems.
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
