Details
Type: Story
Status: Resolved
Priority: Major
Resolution: Duplicate
Description
Looking through the review that introduced the /shutdown HTTP endpoint, it appears that any framework's credentials can be used to shut down any other framework:
Around line 650:
    foreach (const Credential& credential, master->credentials.get().http()) {
      // Only the credential itself is checked here; nothing verifies that this
      // principal is allowed to shut down the particular `framework` named in
      // the request.
      if (credential.principal() == username &&
          (!credential.has_secret() || credential.secret() == password)) {
        // TODO(ijimenez) make removeFramework asynchronously
        master->removeFramework(framework);
        return OK();
      }
    }
Thanks to adam-mesos, I looked into the authorization doc; however, I don't see where the ACL checking happens within that code.
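The gap described above is authentication without authorization: the handler proves who the caller is, then acts on whichever framework the request names. The following standalone C++ model is an added illustration, not Mesos code; `Credential`, `Framework`, `ShutdownAcl`, the `ANY` wildcard and the handler signatures are assumptions made for the example. It places the credential-only check beside a version that adds a principal-to-framework ACL step with default deny, and the scenario helper uses constructed sample credentials and ACL entries.

```cpp
// Standalone model of the authentication-vs-authorization gap in a
// "shutdown framework" endpoint. Not Mesos code: all types below are
// assumptions made for this example.
#include <iostream>
#include <set>
#include <string>
#include <vector>

struct Credential {
  std::string principal;
  std::string secret;  // empty string models "no secret configured"
};

struct Framework {
  std::string id;
  std::string principal;  // principal that registered the framework
};

// One ACL entry: which principals may shut down frameworks registered by
// which framework principals ("ANY" is a wildcard, an assumption here).
struct ShutdownAcl {
  std::set<std::string> principals;
  std::set<std::string> frameworkPrincipals;
};

enum class Response { OK, Unauthorized, Forbidden };

// Shared authentication step: does a configured HTTP credential match?
bool authenticate(const std::vector<Credential>& credentials,
                  const std::string& username, const std::string& password) {
  for (const Credential& credential : credentials) {
    if (credential.principal == username &&
        (credential.secret.empty() || credential.secret == password)) {
      return true;
    }
  }
  return false;
}

// Vulnerable form: any valid credential removes any framework.
Response shutdownWithoutAcl(const std::vector<Credential>& credentials,
                            const std::string& username,
                            const std::string& password,
                            const Framework& framework,
                            std::set<std::string>& removed) {
  if (!authenticate(credentials, username, password)) return Response::Unauthorized;
  removed.insert(framework.id);
  return Response::OK;
}

// Authorization step: may `principal` shut down `framework`? Default deny.
bool authorizeShutdown(const std::vector<ShutdownAcl>& acls,
                       const std::string& principal, const Framework& framework) {
  for (const ShutdownAcl& acl : acls) {
    if (acl.principals.count(principal) == 0) continue;
    if (acl.frameworkPrincipals.count("ANY") > 0 ||
        acl.frameworkPrincipals.count(framework.principal) > 0) {
      return true;
    }
  }
  return false;
}

// Hardened form: authenticate, then authorize against the named framework.
Response shutdownWithAcl(const std::vector<Credential>& credentials,
                         const std::vector<ShutdownAcl>& acls,
                         const std::string& username, const std::string& password,
                         const Framework& framework, std::set<std::string>& removed) {
  if (!authenticate(credentials, username, password)) return Response::Unauthorized;
  if (!authorizeShutdown(acls, username, framework)) return Response::Forbidden;
  removed.insert(framework.id);
  return Response::OK;
}

// Constructed sample data: three HTTP credentials and a per-principal ACL.
Response runScenario(bool useAcl, const std::string& username,
                     const std::string& password,
                     const std::string& frameworkPrincipal) {
  const std::vector<Credential> credentials = {
      {"alice", "pw-a"}, {"bob", "pw-b"}, {"ops", "pw-o"}};
  const std::vector<ShutdownAcl> acls = {
      {{"alice"}, {"alice"}},  // alice may only shut down her own frameworks
      {{"bob"}, {"bob"}},
      {{"ops"}, {"ANY"}},      // an operator principal may shut down any framework
  };
  const Framework framework{"fw-1", frameworkPrincipal};
  std::set<std::string> removed;
  return useAcl ? shutdownWithAcl(credentials, acls, username, password, framework, removed)
                : shutdownWithoutAcl(credentials, username, password, framework, removed);
}

int main() {
  // alice's credential acting on bob's framework: OK without ACLs, Forbidden with them.
  std::cout << (runScenario(false, "alice", "pw-a", "bob") == Response::OK) << "\n";
  std::cout << (runScenario(true, "alice", "pw-a", "bob") == Response::Forbidden) << "\n";
  return 0;
}
```

The point of the split is that `authenticate` answers "who is this?" while `authorizeShutdown` answers "may this principal act on this framework?"; the endpoint quoted in the issue stops after the first question.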
Issue Links
- is blocked by MESOS-1343 Authorize "/shutdown" HTTP endpoint through ACLs. (Resolved)