Ravi Prakash commented on YARN-2424:

Hi Tucu!
bq. If security is OFF, I can simply submit a job as ANY user by simply doing 
-Duser.name=ANY. User ANY will be the one used by YARN and HDFS
Is this true? Are you suggesting that the blacklist (banned.users) in 
container-executor.cfg does not work? Could you not blacklist root, hdfs, 
mapred and yarn?

We are not doing this for security. We understand that +*with the right 
configuration*+, the level of security you provide is exactly the same as you 
would have in an unsecure cluster. If only the users of the cluster are 
whitelisted and all other users like root / mapred / yarn / hdfs are 
blacklisted, and the users which are whitelisted don't enjoy any elevated 
privileges on the slave nodes, this is a perfectly valid configuration with 
the same level of security as would be provided if all yarn tasks ran as one user.

Could you please point out a technical concern with the security in this 
configuration? This would not be a configuration for "troubleshooting only". 
This would be a perfectly valid configuration.

> LCE should support non-cgroups, non-secure mode
> -----------------------------------------------
>                 Key: YARN-2424
>                 URL: https://issues.apache.org/jira/browse/YARN-2424
>             Project: Hadoop YARN
>          Issue Type: Bug
>          Components: nodemanager
>    Affects Versions: 2.3.0, 2.4.0, 2.5.0, 2.4.1
>            Reporter: Allen Wittenauer
>            Priority: Blocker
>         Attachments: YARN-2424.patch
> After YARN-1253, LCE no longer works for non-secure, non-cgroup scenarios.  
> This is a fairly serious regression, as turning on LCE prior to turning on 
> full-blown security is a fairly standard procedure.
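
One way to check the blacklist described in the comment above, as an added example that is not part of the original message or of Hadoop's code: a small Python audit of a `container-executor.cfg`. The two sample files are constructed; `allowed.system.users` and the group key are container-executor.cfg keys the comment does not mention, and `cluster_users` is a hypothetical input.

```python
# Added example: audit container-executor.cfg for the blacklist the comment describes.
REQUIRED_BANNED = {"root", "hdfs", "mapred", "yarn"}  # accounts named in the comment

def parse_cfg(text):
    """Parse key=value lines, skipping blanks and # comments."""
    cfg = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        cfg[key.strip()] = value.strip()
    return cfg

def user_list(cfg, key):
    """Return the comma-separated value of `key` as a set of user names."""
    return {u.strip() for u in cfg.get(key, "").split(",") if u.strip()}

def audit(text, cluster_users=()):
    """Return a list of findings; an empty list means the blacklist is consistent."""
    cfg = parse_cfg(text)
    banned = user_list(cfg, "banned.users")
    allowed_system = user_list(cfg, "allowed.system.users")
    findings = [f"{u} is not in banned.users"
                for u in sorted(REQUIRED_BANNED - banned)]
    findings += [f"{u} is in both banned.users and allowed.system.users"
                 for u in sorted(banned & allowed_system)]
    findings += [f"cluster user {u} is banned and cannot run containers"
                 for u in sorted(set(cluster_users) & banned)]
    return findings

# Constructed sample: root and yarn are missing from the blacklist.
WEAK_CFG = """
yarn.nodemanager.linux-container-executor.group=hadoop
banned.users=hdfs,mapred
allowed.system.users=yarn
"""

# Constructed sample: all four service accounts are banned.
FIXED_CFG = """
yarn.nodemanager.linux-container-executor.group=hadoop
# service accounts must never run user containers
banned.users=root, hdfs, mapred, yarn
allowed.system.users=
"""

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CFG), ("fixed", FIXED_CFG)):
        print(name, audit(cfg, cluster_users=["alice", "bob"]))
```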
