Uploaded image for project: 'Apache Ozone'
  1. Apache Ozone
  2. HDDS-1712

Remove sudo access from Ozone docker image

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Won't Fix
    • None
    • None
    • None

    Description

      Ozone docker image is given unlimited sudo access to hadoop user. This poses a security risk where host level user uid 1000 can attach a debugger to the container process to obtain root access.

      Attachments

        1. HDDS-1712.001.hadoop-docker-ozone.patch
          0.9 kB
          Eric Yang
        2. HDDS-1712.002.patch
          3 kB
          Eric Yang
        3. HDDS-1712.001.patch
          0.5 kB
          Eric Yang

        Issue Links

          links to

          Web Link GitHub Pull Request #1053

          Activity

            People

              eyang Eric Yang
              eyang Eric Yang
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 0.5h
                  0.5h