Uploaded image for project: 'Mesos'
  1. Mesos
  2. MESOS-5730

Sandbox access authorization should fail for non existing sandboxes.

    Details

    • Sprint:
      Mesosphere Sprint 38

      Description

      The local authorizer currently tries to authorize ACCESS_SANDBOX even if no further object specification - e.g. framework_info or executor_info) where specified / available at that time.

      Given that there is likely no sandbox available if there was no executor_info provided, I think we should actually fail instead of allow or deny (403).

      A failure would result into an IMHO more appropriate ServiceUnavailable (503).

      See https://github.com/apache/mesos/commit/c8d67590064e35566274116cede9c6a733187b48#diff-dd692b1640b2628014feca01a94ba1e1R241

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              tillt Till Toenshoff
              Shepherd:
              Till Toenshoff
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated: