Uploaded image for project: 'Mesos'
  1. Mesos
  2. MESOS-7363

Improver master robustness against duplicate UPIDs

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Minor
    • Resolution: Fixed
    • None
    • 1.3.0
    • master
    • None

    Description

      It is possible for a malicious client to send libprocess SUBSCRIBE requests that will trigger the !frameworks.principals.contains(...) CHECK. This can happen if the client sends a subscribe with a framework ID, then a second subscribe with a different framework ID but the same UPID. The invariant in the master is that a UPID uniquely identifies a given framework. This is violated if we allow multiple frameworks with the same UPID.

      Attachments

        Issue Links

          relates to

          Improvement - An improvement or enhancement to an existing feature or task. MESOS-7401 Optionally reject messages when UPIDs does not match IP.

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              jamespeach James Peach
              jamespeach James Peach
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: