[MESOS-5704] Fine-grained authorization on /frameworks - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Resolved
Priority: Critical
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.0.0
Component/s: master, security
Labels:
- mesosphere
- security

Epic Link:
Authorize operator endpoints
Sprint:
Mesosphere Sprint 38
Story Points:
3

Description

Even if ACLs were defined for the actions VIEW_FRAMEWORKS,
VIEW_EXECUTORS and VIEW_TASKS, the data these actions were
supposed to protect, could still leaked through the master's
/frameworks endpoint, since it didn't enable any authorization
mechanism.

Attachments

Activity

People

Assignee:: Alexander Rojas

Reporter:: Adam B

Shepherd:: Vinod Kone

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 24/Jun/16 12:00

Updated:: 29/Apr/19 09:27

Resolved:: 28/Jun/16 22:16