Details
-
New Feature
-
Status: Resolved
-
Major
-
Resolution: Won't Fix
-
None
-
None
-
None
Description
When DockerContainerExector launches a container, the root inside that container has root privileges on the host.
This is insecure in a mult-tenant environment. The uid of the container's root user must be mapped to a non-privileged user on the host.
Attachments
Issue Links
- is part of
-
YARN-2466 Umbrella issue for Yarn launched Docker Containers
- Resolved