[ 
https://issues.apache.org/jira/browse/YARN-2987?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14260576#comment-14260576
 ] 

Varun Saxena commented on YARN-2987:
------------------------------------

bq. could you add a test case that a non-authorized user not able to get the 
application report ?
[~jianhe], added the case. Kindly review. 

> ClientRMService#getQueueInfo doesn't check app ACLs
> ---------------------------------------------------
>
>                 Key: YARN-2987
>                 URL: https://issues.apache.org/jira/browse/YARN-2987
>             Project: Hadoop YARN
>          Issue Type: Bug
>            Reporter: Jian He
>            Assignee: Varun Saxena
>         Attachments: YARN-2987.001.patch, YARN-2987.002.patch
>
>
> ClientRMService#getQueueInfo can return a list of applications belonging to 
> the queue, but doesn't actually check if the user has the permission to view 
> the applications.  



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to