You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "Joe Smith (JIRA)" <ji...@apache.org> on 2014/08/07 00:45:12 UTC
[jira] [Commented] (MESOS-1678) Any framework with credentials can
kill any other framework via http
[ https://issues.apache.org/jira/browse/MESOS-1678?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14088409#comment-14088409 ]
Joe Smith commented on MESOS-1678:
----------------------------------
Yep, sounds great!
> Any framework with credentials can kill any other framework via http
> --------------------------------------------------------------------
>
> Key: MESOS-1678
> URL: https://issues.apache.org/jira/browse/MESOS-1678
> Project: Mesos
> Issue Type: Story
> Reporter: Joe Smith
>
> Looking through [the review introducing the /shutdown http endpoint|https://reviews.apache.org/r/22832], it appears that any framework's credentials can be used to shutdown any other framework:
> Around line 650:
> {code}
> foreach (const Credential& credential, master->credentials.get().http()) {
> if (credential.principal() == username &&
> (!credential.has_secret() || credential.secret() == password)) {
> // TODO(ijimenez) make removeFramework asynchronously
> master->removeFramework(framework);
> return OK();
> }
> }
> {code}
> Thanks to [~adam-mesos], I looked into in [authorization doc|https://github.com/apache/mesos/blob/master/docs/authorization.md], however I don't see where the ACL-checking is happening within that code.
--
This message was sent by Atlassian JIRA
(v6.2#6252)