Sandbox access authorization should fail for non existing sandboxes.

The local authorizer currently tries to authorize ACCESS_SANDBOX even if no further object specification - e.g. framework_info or executor_info) where specified / available at that time.

Given that there is likely no sandbox available if there was no executor_info provided, I think we should actually fail instead of allow or deny (403).

A failure would result into an IMHO more appropriate ServiceUnavailable (503).

See https://github.com/apache/mesos/commit/c8d67590064e35566274116cede9c6a733187b48#diff-dd692b1640b2628014feca01a94ba1e1R241