You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Adam B (JIRA)" <ji...@apache.org> on 2016/04/11 09:16:25 UTC

[jira] [Commented] (MESOS-4772) TaskInfo/ExecutorInfo should include fine-grained ownership/namespacing

    [ https://issues.apache.org/jira/browse/MESOS-4772?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15234599#comment-15234599 ] 

Adam B commented on MESOS-4772:
-------------------------------

After even more discussion, the most flexible solution seems to be to pass the entire TaskInfo into the authorizer module interface, and then different authorizer module implementations can perform (ABAC-style) authorizations based on whatever attribute of the task is most meaningful to them, which could be role, label, resource type, or user.
The remaining question is how do the multi-user frameworks know what kind/format of metadata to attach to its tasks in order for the Mesos authorizer to authorize using that information? Perhaps we'll start experimenting with labels, then see what makes the most sense to first-class.

> TaskInfo/ExecutorInfo should include fine-grained ownership/namespacing
> -----------------------------------------------------------------------
>
>                 Key: MESOS-4772
>                 URL: https://issues.apache.org/jira/browse/MESOS-4772
>             Project: Mesos
>          Issue Type: Improvement
>          Components: security
>            Reporter: Adam B
>            Assignee: Jan Schlicht
>              Labels: authorization, mesosphere, ownership, security
>
> We need a way to assign fine-grained ownership to tasks/executors so that multi-user frameworks can tell Mesos to associate the task with a user identity (rather than just the framework principal+role). Then, when an HTTP user requests to view the task's sandbox contents, or kill the task, or list all tasks, the authorizer can determine whether to allow/deny/filter the request based on finer-grained, user-level ownership.
> Some systems may want TaskInfo.owner to represent a group rather than an individual user. That's fine as long as the framework sets the field to the group ID in such a way that a group-aware authorizer can interpret it.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)