[
https://issues.apache.org/jira/browse/YARN-2424?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14102416#comment-14102416
]
Allen Wittenauer commented on YARN-2424:
----------------------------------------
BTW, it should be pointed out that the current code doesn't actually protect
non-RPCSEC NFSv3/v2 directories. It only prevents them from being mounted
using system facilities. (I'll leave it up to the reader to see how to
implement an exploit.... not that it's particularly hard.)
The only "security" thing the current code does is limit containers to run as
one uid which in turn means preventing access to any elevated privs that any
other user might have. That's it. So if you have too many users with, say,
passwordless sudo or if you don't want to publish user names to your compute
nodes, the current code helps. Otherwise, you're getting zero benefits. For
example, YARN scheduling and HDFS writes are still being done by the originally
requested user.
The security aspects, as pointed out in the original JIRA, are a red herring.
> LCE should support non-cgroups, non-secure mode
> -----------------------------------------------
>
> Key: YARN-2424
> URL: https://issues.apache.org/jira/browse/YARN-2424
> Project: Hadoop YARN
> Issue Type: Bug
> Components: nodemanager
> Affects Versions: 2.3.0, 2.4.0, 2.5.0, 2.4.1
> Reporter: Allen Wittenauer
> Priority: Blocker
> Attachments: YARN-2424.patch
>
>
> After YARN-1253, LCE no longer works for non-secure, non-cgroup scenarios.
> This is a fairly serious regression, as turning on LCE prior to turning on
> full-blown security is a fairly standard procedure.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
