You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Alexander Rojas (JIRA)" <ji...@apache.org> on 2016/05/24 22:11:12 UTC

[jira] [Commented] (MESOS-5153) Sandboxes contents should be protected from unauthorized users

    [ https://issues.apache.org/jira/browse/MESOS-5153?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15299028#comment-15299028 ] 

Alexander Rojas commented on MESOS-5153:
----------------------------------------

[r/47794/|https://reviews.apache.org/r/47794/]: Added authorization support for {{mesos::internal::Files}}.
[r/47795/|https://reviews.apache.org/r/47795/]: Enabled authorization for sandboxes.


> Sandboxes contents should be protected from unauthorized users
> --------------------------------------------------------------
>
>                 Key: MESOS-5153
>                 URL: https://issues.apache.org/jira/browse/MESOS-5153
>             Project: Mesos
>          Issue Type: Bug
>          Components: security, slave
>            Reporter: Alexander Rojas
>            Assignee: Alexander Rojas
>              Labels: mesosphere, security
>             Fix For: 0.29.0
>
>
> MESOS-4956 introduced authentication support for the sandboxes. However, authentication can only go as far as to tell whether an user is known to mesos or not. An extra additional step is necessary to verify whether the known user is allowed to executed the requested operation on the sandbox (browse, read, download, debug).



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)