[
https://issues.apache.org/jira/browse/YARN-5280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15371815#comment-15371815
]
Larry McCay commented on YARN-5280:
-----------------------------------
bq. In order to prevent users from granting themselves excess permissions this
would likely need to take the form of server side configurations.
To clarify, the idea isn't so that applications would grant themselves
permissions but instead declare the required permissions for the application.
This allows for deployment time failure as opposed to runtime failure when a
privileged action is attempted and fails. Of course, there is nothing stating
that there couldn't be server side configuration to allow for a minimum set of
permissions and some room for certain permissions that can be granted upon
demand. In general, it would be expected that it would be a deploy time compare
of those permissions required for deployment and those being granted by the
container policy in server config.
The jar signing subtasks certainly seem appropriate. I would still like to hear
the driving use case/s and how many folks actually need it.
> Allow YARN containers to run with Java Security Manager
> -------------------------------------------------------
>
> Key: YARN-5280
> URL: https://issues.apache.org/jira/browse/YARN-5280
> Project: Hadoop YARN
> Issue Type: New Feature
> Components: nodemanager, yarn
> Affects Versions: 2.6.4
> Reporter: Greg Phillips
> Priority: Minor
> Attachments: YARN-5280.patch, YARNContainerSandbox.pdf
>
>
> YARN applications have the ability to perform privileged actions which have
> the potential to add instability into the cluster. The Java Security Manager
> can be used to prevent users from running privileged actions while still
> allowing their core data processing use cases.
> Introduce a YARN flag which will allow a Hadoop administrator to enable the
> Java Security Manager for user code, while still providing complete
> permissions to core Hadoop libraries.
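
The deploy-time comparison described in the comment above, sketched as an added example; it is not part of the original message or of the YARN-5280 patch. The class name, method names and both permission sets are hypothetical and constructed for illustration, standing in for an application's declared requirements and for the container policy in server config.

```java
import java.io.FilePermission;
import java.security.Permission;
import java.security.Permissions;
import java.util.ArrayList;
import java.util.List;
import java.util.PropertyPermission;

public class DeployTimePermissionCheck {

    /** Returns every declared permission that the granted set does not imply. */
    static List<Permission> missing(List<Permission> required, Permissions granted) {
        List<Permission> gaps = new ArrayList<>();
        for (Permission p : required) {
            if (!granted.implies(p)) {
                gaps.add(p);
            }
        }
        return gaps;
    }

    /** Rejects the deployment if any declared permission is not covered. */
    static void checkDeployable(List<Permission> required, Permissions granted) {
        List<Permission> gaps = missing(required, granted);
        if (!gaps.isEmpty()) {
            // Fail here, before the container starts, rather than at the
            // first privileged call inside the running application.
            throw new IllegalStateException("Container policy does not grant: " + gaps);
        }
    }

    public static void main(String[] args) {
        // Constructed stand-in for the server-side container policy.
        Permissions granted = new Permissions();
        granted.add(new FilePermission("/tmp/app/-", "read,write"));
        granted.add(new PropertyPermission("user.*", "read"));
        granted.setReadOnly();

        // Constructed stand-in for the permissions the application declares.
        List<Permission> required = List.of(
            new FilePermission("/tmp/app/work/part-0", "read,write"),
            new PropertyPermission("user.name", "read"),
            new RuntimePermission("setSecurityManager"));

        // The RuntimePermission is not implied by the policy, so this throws.
        checkDeployable(required, granted);
    }
}
```

Because the declaration is only compared against the server-side grant and never added to it, an application cannot widen its own permissions by declaring more.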