Google Git
Sign in
apache / hadoop-mapreduce / a4240ee76b00719e63379e286c6b9b4da30341ef^! / .
commita4240ee76b00719e63379e286c6b9b4da30341ef[log] [tgz]
authorTodd Lipcon <todd@apache.org>Mon Mar 07 03:10:20 2011 +0000
committerTodd Lipcon <todd@apache.org>Mon Mar 07 03:10:20 2011 +0000
treee7542d1056a81577f06a5638bca04419553151d3
parenteaa69447e213f7758e6b2ef5fab7b89d3290f9db [diff]
MAPREDUCE-2272. Job ACL file should not be executable. Contributed by Harsh J Chouraria

git-svn-id: https://svn.apache.org/repos/asf/hadoop/mapreduce/trunk@1078656 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES.txt b/CHANGES.txt
index 541a9b4..e92cd76 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt

@@ -607,6 +607,9 @@
     MAPREDUCE-2054. Hierarchical queue implementation broke dynamic queue
     addition in Dynamic Scheduler. (Thomas Sandholm via tomwhite)
 
+    MAPREDUCE-2272. Job ACL file should not be executable
+    (Harsh J Chouraria via todd)
+
 Release 0.21.1 - Unreleased
 
   NEW FEATURES

diff --git a/src/java/org/apache/hadoop/mapred/TaskTracker.java b/src/java/org/apache/hadoop/mapred/TaskTracker.java
index e15f403..0dd1124 100644
--- a/src/java/org/apache/hadoop/mapred/TaskTracker.java
+++ b/src/java/org/apache/hadoop/mapred/TaskTracker.java

@@ -59,7 +59,6 @@
 import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.fs.DF;
 import org.apache.hadoop.fs.CommonConfigurationKeys;
-import org.apache.hadoop.fs.FSDataInputStream;
 import org.apache.hadoop.fs.FileStatus;
 import org.apache.hadoop.fs.FileSystem;
 import org.apache.hadoop.fs.FileUtil;
@@ -1159,7 +1158,7 @@
 
     FileOutputStream out;
     try {
-      out = SecureIOUtils.createForWrite(aclFile, 0700);
+      out = SecureIOUtils.createForWrite(aclFile, 0600);
     } catch (SecureIOUtils.AlreadyExistsException aee) {
       LOG.warn("Job ACL file already exists at " + aclFile, aee);
       return;

diff --git a/src/test/mapred/org/apache/hadoop/mapred/TestTaskTrackerLocalization.java b/src/test/mapred/org/apache/hadoop/mapred/TestTaskTrackerLocalization.java
index a6104e5..96ed9fa 100644
--- a/src/test/mapred/org/apache/hadoop/mapred/TestTaskTrackerLocalization.java
+++ b/src/test/mapred/org/apache/hadoop/mapred/TestTaskTrackerLocalization.java

@@ -576,7 +576,7 @@
 
     // With default task controller, the job-acls.xml file is owned by TT and
     // permissions are 700
-    checkFilePermissions(jobACLsFile.getAbsolutePath(), "-rwx------",
+    checkFilePermissions(jobACLsFile.getAbsolutePath(), "-rw-------",
         taskTrackerUGI.getShortUserName(), taskTrackerUGI.getGroupNames()[0]);
 
     validateJobACLsFileContent();