[ https://issues.apache.org/jira/browse/YARN-2424?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14102416#comment-14102416 ]
Allen Wittenauer commented on YARN-2424: ---------------------------------------- BTW, it should be pointed out that the current code doesn't actually protect non-RPCSEC NFSv3/v2 directories. It only prevents them from being mounted using system facilities. (I'll leave it up to the reader to see how to implement an exploit.... not that it's particularly hard.) The only "security" thing the current code does is limit containers to run as one uid which in turn means preventing access to any elevated privs that any other user might have. That's it. So if you have too many users with, say, passwordless sudo or if you don't want to publish user names to your compute nodes, the current code helps. Otherwise, you're getting zero benefits. For example, YARN scheduling and HDFS writes are still being done by the originally requested user. The security aspects, as pointed out in the original JIRA, are a red herring. > LCE should support non-cgroups, non-secure mode > ----------------------------------------------- > > Key: YARN-2424 > URL: https://issues.apache.org/jira/browse/YARN-2424 > Project: Hadoop YARN > Issue Type: Bug > Components: nodemanager > Affects Versions: 2.3.0, 2.4.0, 2.5.0, 2.4.1 > Reporter: Allen Wittenauer > Priority: Blocker > Attachments: YARN-2424.patch > > > After YARN-1253, LCE no longer works for non-secure, non-cgroup scenarios. > This is a fairly serious regression, as turning on LCE prior to turning on > full-blown security is a fairly standard procedure. -- This message was sent by Atlassian JIRA (v6.2#6252)