You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Artem Harutyunyan (JIRA)" <ji...@apache.org> on 2016/05/13 14:54:13 UTC

[jira] [Updated] (MESOS-5153) Sandboxes contents should be protected from unauthorized users

     [ https://issues.apache.org/jira/browse/MESOS-5153?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Artem Harutyunyan updated MESOS-5153:
-------------------------------------
    Sprint: Mesosphere Sprint 33, Mesosphere Sprint 34, Mesosphere Sprint 35  (was: Mesosphere Sprint 33, Mesosphere Sprint 34)

> Sandboxes contents should be protected from unauthorized users
> --------------------------------------------------------------
>
>                 Key: MESOS-5153
>                 URL: https://issues.apache.org/jira/browse/MESOS-5153
>             Project: Mesos
>          Issue Type: Bug
>          Components: security, slave
>            Reporter: Alexander Rojas
>            Assignee: Alexander Rojas
>              Labels: mesosphere, security
>             Fix For: 0.29.0
>
>
> MESOS-4956 introduced authentication support for the sandboxes. However, authentication can only go as far as to tell whether an user is known to mesos or not. An extra additional step is necessary to verify whether the known user is allowed to executed the requested operation on the sandbox (browse, read, download, debug).



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)