mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Greg Mann <g...@mesosphere.io>
Subject Re: Review Request 58255: Added implicit authorization to the agent executor API.
Date Thu, 13 Apr 2017 19:40:02 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58255/#review171920
-----------------------------------------------------------



Add TODO to possibly move into authorizer, create ticket for consistent authZ story across
executors and frameworks.


src/slave/http.cpp
Lines 731 (patched)
<https://reviews.apache.org/r/58255/#comment244932>

    Return Forbidden?


- Greg Mann


On April 12, 2017, 7:28 a.m., Greg Mann wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58255/
> -----------------------------------------------------------
> 
> (Updated April 12, 2017, 7:28 a.m.)
> 
> 
> Review request for mesos, Adam B, Alexander Rojas, and Till Toenshoff.
> 
> 
> Bugs: MESOS-7339
>     https://issues.apache.org/jira/browse/MESOS-7339
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> This patch updates the agent handler for the executor API to
> verify the FrameworkID and ExecutorID contained within the
> executor's `Principal`, if present. This effectively performs
> implicit authorization of executor calls.
> 
> 
> Diffs
> -----
> 
>   src/slave/http.cpp 468cf332d79ed7315ecf51955235735dec0a2df1 
> 
> 
> Diff: https://reviews.apache.org/r/58255/diff/2/
> 
> 
> Testing
> -------
> 
> Testing details can be found at the end of this chain.
> 
> 
> Thanks,
> 
> Greg Mann
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message