mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alexander Rojas <alexan...@mesosphere.io>
Subject Re: Review Request 58253: Added a ContainerID to 'ObjectApprover::Object'.
Date Fri, 07 Apr 2017 10:43:48 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58253/#review171327
-----------------------------------------------------------




include/mesos/authorizer/authorizer.proto
Lines 57 (patched)
<https://reviews.apache.org/r/58253/#comment244233>

    I was thinking that instead of having one field `container_id`, why not having a map of
claims, then you can verify that each claim made by the subject matches the claims in the
object whithout needing to know the supported claims in advance.
    
    Limiting the fields is what lead to the whole redising of the object in the first place,
from a `string value` to suport the info objects.


- Alexander Rojas


On April 7, 2017, 5:33 a.m., Greg Mann wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58253/
> -----------------------------------------------------------
> 
> (Updated April 7, 2017, 5:33 a.m.)
> 
> 
> Review request for mesos, Adam B, Alexander Rojas, Till Toenshoff, and Vinod Kone.
> 
> 
> Bugs: MESOS-7014
>     https://issues.apache.org/jira/browse/MESOS-7014
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> This patch adds a new member, `container_id` to the
> `ObjectApprover::Object` to facilitate implicit executor
> authorization.
> 
> 
> Diffs
> -----
> 
>   include/mesos/authorizer/authorizer.hpp 75801ccc753a60ce5e5979b6723fd2294ce7ffe5 
>   include/mesos/authorizer/authorizer.proto 736f76d552956f2351ffd40fc51d088dff83f8c8

>   src/authorizer/local/authorizer.cpp e241edf4afa48d35dbbbb94d72e8e8690f5bedfc 
> 
> 
> Diff: https://reviews.apache.org/r/58253/diff/1/
> 
> 
> Testing
> -------
> 
> Testing details can be found at the end of this chain.
> 
> 
> Thanks,
> 
> Greg Mann
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message