
Audit authn/authz state of endpoints exposed by Mesos and libprocess

    Details

    • Type: Task
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: agent, libprocess, master
    • Labels:
      None

      Description

      Currently, a number of endpoints are, e.g., not authorized. While Mesos uses infrastructure provided by libprocess to authenticate requests to its endpoints, we do not always authorize all Mesos endpoints. Even worse, there seems to exist nothing in libprocess to perform authorization; instead we hook it manually into Mesos infrastructure for a number of endpoints:

      /// From `src/common/http.cpp`, lines 97ff:
      ///
      // Set of endpoints whose access is protected with the authorization
      // action `GET_ENDPOINTS_WITH_PATH`.
      hashset<string> AUTHORIZABLE_ENDPOINTS{
          "/containers",
          "/files/debug",
          "/files/debug.json",
          "/logging/toggle",
          "/metrics/snapshot",
          "/monitor/statistics",
          "/monitor/statistics.json"};

      Notably absent from that list is, e.g., the `__processes__` endpoint.

      We should audit all endpoints currently exposed by the Mesos master or agent process, or by any process using libprocess. We should set them up in a way which allows operators to, e.g., deny all requests by default.
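      Added illustration of the gap described above; this is a constructed model, not Mesos or libprocess code. It uses `std::set` in place of `hashset`, the endpoint list quoted from `src/common/http.cpp`, `/__processes__` as the unlisted libprocess endpoint, and made-up principal names and ACL contents. It contrasts the current allowlist hook with a deny-by-default variant and adds a small audit helper that reports exposed routes the authorizer never sees.

```cpp
#include <map>
#include <set>
#include <string>
#include <vector>

// Constructed model, not Mesos code. The endpoint set is the one quoted
// from src/common/http.cpp; "/__processes__" is the libprocess endpoint the
// ticket notes is missing from it. Principal names and ACL contents used
// with these functions are made-up sample values.
const std::set<std::string> AUTHORIZABLE_ENDPOINTS{
    "/containers",         "/files/debug",        "/files/debug.json",
    "/logging/toggle",     "/metrics/snapshot",   "/monitor/statistics",
    "/monitor/statistics.json"};

// ACL for the endpoint-GET authorization action: principal -> permitted paths.
using Acl = std::map<std::string, std::set<std::string>>;
bool aclPermits(const Acl& acl, const std::string& principal,
                const std::string& endpoint) {
  auto it = acl.find(principal);
  return it != acl.end() && it->second.count(endpoint) > 0;
}

// Current shape: the authorizer is hooked only for listed endpoints, so an
// authenticated principal reaches any unlisted endpoint without an ACL check.
bool allowlistAuthorize(const Acl& acl, const std::string& principal,
                        const std::string& endpoint) {
  if (AUTHORIZABLE_ENDPOINTS.count(endpoint) == 0) return true;  // no hook
  return aclPermits(acl, principal, endpoint);
}

// Audited shape: every endpoint goes through the ACL. Unlisted endpoints are
// denied unless the operator explicitly opts into the old permissive default.
bool denyByDefaultAuthorize(const Acl& acl, bool permissive,
                            const std::string& principal,
                            const std::string& endpoint) {
  if (aclPermits(acl, principal, endpoint)) return true;
  return permissive && AUTHORIZABLE_ENDPOINTS.count(endpoint) == 0;
}

// Audit helper: given the routes a process actually exposes, report those
// that never reach the authorizer under the current allowlist.
std::vector<std::string> unauthorizedEndpoints(
    const std::set<std::string>& exposed) {
  std::vector<std::string> gaps;
  for (const std::string& e : exposed)
    if (AUTHORIZABLE_ENDPOINTS.count(e) == 0) gaps.push_back(e);
  return gaps;
}
```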

      People

      • Assignee: Unassigned
      • Reporter: bbannier Benjamin Bannier