You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Adam B (JIRA)" <ji...@apache.org> on 2016/05/06 10:14:12 UTC

[jira] [Commented] (MESOS-5317) Authorize the agent's '/containers' endpoint

    [ https://issues.apache.org/jira/browse/MESOS-5317?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15273873#comment-15273873 ] 

Adam B commented on MESOS-5317:
-------------------------------

Should we do GET_ENDPOINT_WITH_PATH coarse-grained authz on this endpoint, or per-container/executor filtering?
[~jieyu], nobody's depending on this new endpoint yet right, so can we punt on authn/z for it for now and recommend the endpoint be disabled on secure clusters that care about protecting access to container stats? Then we can take the time to design what authz should look like.

> Authorize the agent's '/containers' endpoint
> --------------------------------------------
>
>                 Key: MESOS-5317
>                 URL: https://issues.apache.org/jira/browse/MESOS-5317
>             Project: Mesos
>          Issue Type: Improvement
>          Components: security, slave
>            Reporter: Greg Mann
>              Labels: authorization, mesosphere
>             Fix For: 0.29.0
>
>
> After the agent's {{/containers}} endpoint is authenticated, we should enabled authorization as well.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)