[MESOS-9876] Use geteuid to determine subprocess' user when launching task. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.9.0
Component/s: containerization
Labels:
- containerizer

Description

I have to run mesos-agent as root(or some user with root privilege) to isolate tasks' execution environment. For security, we

chmod +s to mesos-agent and then run it as some user A(We'll ssh as user A to do some ops, but NOT every has root privilege.).
use --switch_user to restrict tasks' capabilities(e.g. "rm -rf /" is not allowed).

The problem is that if we set CommandInfo.User to A(the same one running mesos-agent), the check in MesosContainerizerLaunch::execute()

if(uid.get() != os::getuid().get()){
  // some code
}

will always be false. As a result, all subprocesses will run as root.

So I suggest that we use geteuid here to replace getuid, namely

if (uid.get() != ::geteuid()){ 
  // some code 
}

Attachments

Activity

People

Assignee:: longfei

Reporter:: longfei

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 02/Jul/19 09:52

Updated:: 09/Jul/19 05:30

Resolved:: 09/Jul/19 05:30