Ravi Prakash commented on YARN-2424:

Thanks Tucu! In YARN-1253, Vinod wrote:
bq. Even if the jobs run as a single 'yarnuser', security isn't still there - 
like Arun said, any body can bomb HDFS directories of other users, any user can 
kill any other user's tasks/containers, any one can delete any one else's local 
dirs, log-dir and so on
Is that not true?

> LCE should support non-cgroups, non-secure mode
> -----------------------------------------------
>                 Key: YARN-2424
>                 URL: https://issues.apache.org/jira/browse/YARN-2424
>             Project: Hadoop YARN
>          Issue Type: Bug
>          Components: nodemanager
>    Affects Versions: 2.3.0, 2.4.0, 2.5.0, 2.4.1
>            Reporter: Allen Wittenauer
>            Priority: Blocker
>         Attachments: YARN-2424.patch
> After YARN-1253, LCE no longer works for non-secure, non-cgroup scenarios.  
> This is a fairly serious regression, as turning on LCE prior to turning on 
> full-blown security is a fairly standard procedure.

This message was sent by Atlassian JIRA

Reply via email to