Uploaded image for project: 'Hadoop YARN'
  1. Hadoop YARN
  2. YARN-6709

Root privilege escalation in experimental Docker support

    Details

    • Release Note:
      CVE-2017-7669 / YARN's Docker support did not do enough input validation. This allowed a root level escalation from an ordinary user account.
    • Flags:
      Important
    • External issue ID:
      CVE-2017-7669

      Description

      YARN-3853 and friends do not do enough input validation. They allow a user to do escalate privileges at root trivially. See https://effectivemachines.com/2017/06/02/docker-security-in-framework-managed-multi-user-environments/ for more information.

        Attachments

          Activity

            People

            • Assignee:
              vvasudev Varun Vasudev
              Reporter:
              aw Allen Wittenauer
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: