mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jay Guo <guojiannan1...@gmail.com>
Subject Re: Review Request 58096: Added authorization for frameworks in /roles endpoint.
Date Wed, 12 Apr 2017 05:38:23 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58096/
-----------------------------------------------------------

(Updated April 12, 2017, 1:38 p.m.)


Review request for mesos, Adam B, Alexander Rojas, and Benjamin Mahler.


Changes
-------

rebase


Bugs: MESOS-7260
    https://issues.apache.org/jira/browse/MESOS-7260


Repository: mesos


Description
-------

While /roles displays a list of frameworksIds that register with
a role, it did NOT filter them based on VIEW_FRAMEWORK ACL, which
impose a security risk. This patch fixed this issue by taking a
frameworksApprover in `Master::Http::roles()` which is used to
filter framework IDs.


Diffs (updated)
-----

  src/master/http.cpp 0e84d363b346de1ef05101dac066c2f0cf31609d 


Diff: https://reviews.apache.org/r/58096/diff/3/

Changes: https://reviews.apache.org/r/58096/diff/2-3/


Testing
-------

see next patch in the chain.


Thanks,

Jay Guo


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message