Mesos / MESOS-7399

Move implicit authorization into the authorizer

Details

    Description

      The HTTP scheduler and executor APIs contain implicit authorization rules. Roughly stated, the rule is that schedulers and executors can only perform actions for/on schedulers/executors with the same principal. For example, schedulers can only launch tasks on schedulers with the same principal, and executors can only launch nested containers within an executor using the same principal.

      These implicit authorization rules should be moved into the authorizer to maintain separation of authorization logic consistent with the rest of the Mesos codebase.

      Note that these rules will be unnecessary in the V0 scheduler/executor APIs due to their implementation. Since V0 schedulers and executors authenticate once when their persistent TCP connection is established, the implicit authorization of subsequent actions performed on that connection is inherent to the implementation.
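The same-principal rule described above, sketched as an authorizer decision instead of a comparison inside the API handler. This is an added example, not code from the Mesos codebase: the `Subject`, `Object`, `Action`, `Authorizer` and handler names are hypothetical, as are the 200/403 return values, and the sketch assumes that a missing or empty principal on either side must be denied rather than treated as a match.

```cpp
#include <string>

// Hypothetical types for illustration; this is not Mesos's Authorizer interface.
enum class Action { LAUNCH_TASK, LAUNCH_NESTED_CONTAINER };

struct Subject {            // caller of the HTTP scheduler/executor API
  bool authenticated;       // false when no credentials were verified
  std::string principal;
};

struct Object {             // scheduler or executor being acted on
  bool hasPrincipal;        // false when it was registered without one
  std::string principal;
};

class Authorizer {
public:
  virtual ~Authorizer() {}
  virtual bool authorized(const Subject& subject, Action action,
                          const Object& object) const = 0;
};

// The formerly implicit rule, now owned by the authorizer.
class SamePrincipalAuthorizer : public Authorizer {
public:
  bool authorized(const Subject& subject, Action /*action*/,
                  const Object& object) const override {
    // Assumption: fail closed. Two absent or empty principals must not
    // compare equal, or unauthenticated callers would match each other.
    if (!subject.authenticated || !object.hasPrincipal) return false;
    if (subject.principal.empty() || object.principal.empty()) return false;
    return subject.principal == object.principal;
  }
};

// The handler no longer compares principals itself; it only asks the
// authorizer and maps the decision to an illustrative HTTP status.
int handleLaunchNestedContainer(const Authorizer& authorizer,
                                const Subject& caller,
                                const Object& parentExecutor) {
  if (!authorizer.authorized(caller, Action::LAUNCH_NESTED_CONTAINER,
                             parentExecutor)) {
    return 403;
  }
  return 200;  // the actual launch would happen here
}
```

Keeping the decision behind one interface means the rule can be audited, tested and replaced in a single place, the same as the explicit authorization rules.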

          People

            Unassigned Unassigned
            greggomann Greg Mann