Mesos / MESOS-1678

Any framework with credentials can kill any other framework via http


Details

    • Type: Story
    • Status: Resolved
    • Priority: Major
    • Resolution: Duplicate

    Description

      Looking through the review introducing the /shutdown http endpoint, it appears that any framework's credentials can be used to shut down any other framework:

      Around line 650:

        foreach (const Credential& credential, master->credentials.get().http()) {
          if (credential.principal() == username &&
              (!credential.has_secret() || credential.secret() == password)) {
            // TODO(ijimenez) make removeFramework asynchronously
            master->removeFramework(framework);
            return OK();
          }
        }
      

      Thanks to adam-mesos, I looked into the authorization doc; however, I don't see where the ACL-checking is happening within that code.
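The following is an added illustration of the reporter's point, not code from Mesos or from the issue: it reproduces the credential loop quoted above as the only gate (any authenticated principal can remove any framework) beside a variant that adds a per-framework authorization step. The struct names, the fixture principals and the ownership rule (authenticated principal must match the principal the framework registered with) are assumptions standing in for the ACL check the reporter is looking for.

```cpp
#include <string>
#include <vector>

// Constructed stand-ins for the Mesos types in the snippet (not Mesos code).
struct Credential { std::string principal; bool hasSecret; std::string secret; };
struct Framework  { std::string id; std::string principal; };  // principal it registered with

// Credential check as written in the issue: true if any configured HTTP
// credential matches the supplied username/password.
static bool authenticate(const std::vector<Credential>& creds,
                         const std::string& user, const std::string& pass) {
  for (const Credential& c : creds) {
    if (c.principal == user && (!c.hasSecret || c.secret == pass)) return true;
  }
  return false;
}

// Behaviour the issue reports: authentication is the only gate, so any valid
// credential may remove any framework. Returns true if removal would proceed.
static bool shutdownVulnerable(const std::vector<Credential>& creds, const std::string& user,
                               const std::string& pass, const Framework& fw) {
  (void)fw;  // the target framework is never consulted
  return authenticate(creds, user, pass);
}

// Hardened variant: authentication plus a per-framework authorization step.
// The rule used here (authenticated principal must equal the framework's own
// principal) is an assumed stand-in for the ACL check the reporter asks about.
static bool shutdownHardened(const std::vector<Credential>& creds, const std::string& user,
                             const std::string& pass, const Framework& fw) {
  if (!authenticate(creds, user, pass)) return false;  // 401: bad credentials
  if (fw.principal != user) return false;              // 403: not this framework's owner
  return true;
}

// Scenario: framework "fw-1" was registered by alice; the /shutdown request
// carries `user`/`pass`. Returns whether the chosen handler would remove it.
static bool tryShutdown(bool hardened, const std::string& user, const std::string& pass) {
  const std::vector<Credential> creds = {{"alice", true, "s3cret"}, {"mallory", true, "pw"}};
  const Framework fw{"fw-1", "alice"};
  return hardened ? shutdownHardened(creds, user, pass, fw)
                  : shutdownVulnerable(creds, user, pass, fw);
}
```

With the vulnerable handler, mallory's valid credentials remove alice's framework; with the hardened one, the same request is refused while alice's own request still succeeds.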

      People

        Assignee: Unassigned
        Reporter: yasumoto (Joe Smith)