You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "Adam B (JIRA)" <ji...@apache.org> on 2016/12/01 08:01:11 UTC
[jira] [Commented] (MESOS-6474) Add fine-grained ACLs for
authorization with the new debugging APIs
[ https://issues.apache.org/jira/browse/MESOS-6474?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15711250#comment-15711250 ]
Adam B commented on MESOS-6474:
-------------------------------
commit de2a7f41407b6b171d10675b7a09bcbfea41564d
Author: Alexander Rojas <al...@mesosphere.io>
Date: Wed Nov 30 18:03:40 2016 -0800
Added authorization to Nested Container API.
Makes use of the already existing authorization actions and ACLs
definitions and wires them together with the existing API
implementations.
Review: https://reviews.apache.org/r/53851/
commit 19296e0fc2bd28f83bafdf5a7ac48146ee085449
Author: Alexander Rojas <al...@mesosphere.io>
Date: Wed Nov 30 17:51:22 2016 -0800
Added authorization actions for Nested Container and Debug API.
Creates new authorization action for all the API's related to
nested containers. This patch does not add the code necesary to
call use those actions, this is done in a latter patch.
Review: https://reviews.apache.org/r/53541/
> Add fine-grained ACLs for authorization with the new debugging APIs
> -------------------------------------------------------------------
>
> Key: MESOS-6474
> URL: https://issues.apache.org/jira/browse/MESOS-6474
> Project: Mesos
> Issue Type: Task
> Reporter: Kevin Klues
> Assignee: Alexander Rojas
> Labels: debugging, mesosphere, security
>
> We already have ACLs in place for determining if a user has access to see a certain task when querying {{state.json}} on the master/agent, or browse/download a task's sandbox. However, we will have to add similar ACLs for making sure they have the correct permissions to execute the new Debugging APs on behalf of those tasks.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)