You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Greg Mann (JIRA)" <ji...@apache.org> on 2017/04/06 01:36:41 UTC

[jira] [Comment Edited] (MESOS-7012) Add authorization actions for V1 executor calls

    [ https://issues.apache.org/jira/browse/MESOS-7012?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15958146#comment-15958146 ] 

Greg Mann edited comment on MESOS-7012 at 4/6/17 1:36 AM:
----------------------------------------------------------

After some discussion with [~vinodkone] and [~adam-mesos], we think that we can avoid adding these authorization actions at this time. Similar to the way the master's {{/scheduler}} endpoint handler effectively performs implicit authorization by verifying that the authenticated principal matches the principal in the {{FrameworkInfo}} associated with the {{FrameworkID}} set in the call, we can include simple implicit authorization in the handler for the agent {{/executor}} endpoint as well.

Closing as Won't Do.


was (Author: greggomann):
After some discussion with [~vinodkone] and [~adam-mesos], we think that we can avoid adding these authorization actions at this time. Similar to the way the master's {{/scheduler}} endpoint handler effectively performs implicit authorization by verifying that the authenticated principal matches the principal in the {{FrameworkInfo}} associated with the {{FrameworkID}} set in the call, we can include simple implicit authorization in the handler for the agent {{/executor}} endpoint as well.

Closing as Won't Fix.

> Add authorization actions for V1 executor calls
> -----------------------------------------------
>
>                 Key: MESOS-7012
>                 URL: https://issues.apache.org/jira/browse/MESOS-7012
>             Project: Mesos
>          Issue Type: Task
>          Components: agent, executor, security
>            Reporter: Greg Mann
>            Assignee: Greg Mann
>              Labels: authorization, executor, mesosphere, protobuf, security
>
> Authorization actions should be added for the V1 executor calls:
> * Subscribe
> * Update
> * Message



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)