Details
- Improvement
- Status: Open
- Major
- Resolution: Unresolved
- None
- None
Description
Currently Mesos agents do not verify that the messages they receive are coming from the leading master and haven't been tampered with. In untrusted environments this can be a source of security issues.
There are a couple of ways to fix this:
1) implement Master authentication on the transport or application level for each agent<->master connection (this might not be sufficient to distinguish a master from the leading master)
2) implement Master authentication on the transport level (for the connection to be encrypted) upon agent registration and pass a secret to the master for all subsequent, possibly separate and unencrypted, connections (the secret can be leaked on an unencrypted connection).
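Added example, not part of the original issue and not Mesos or libprocess code: one way to realise option 2 so that the secret itself never crosses the unencrypted connections, by using it as an HMAC key and having the agent check a tag and a counter on every message. The frame layout, `seal`, `AgentVerifier` and the counter are assumptions made for illustration, and the example goes beyond the issue text, which only says the secret is passed.

```python
# Hypothetical names and frame layout; not Mesos or libprocess code.
import hashlib
import hmac
import os
import struct


def seal(secret: bytes, counter: int, body: bytes) -> bytes:
    """Master side: frame = 8-byte counter || body || 32-byte HMAC-SHA256 tag."""
    header = struct.pack(">Q", counter)
    tag = hmac.new(secret, header + body, hashlib.sha256).digest()
    return header + body + tag


class AgentVerifier:
    """Agent side: accept only untampered frames with a strictly increasing counter."""

    def __init__(self, secret: bytes):
        self._secret = secret
        self._last_counter = -1

    def open(self, frame: bytes) -> bytes:
        if len(frame) < 8 + 32:
            raise ValueError("frame too short")
        signed, tag = frame[:-32], frame[-32:]
        expected = hmac.new(self._secret, signed, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            raise ValueError("bad tag: wrong key or modified message")
        (counter,) = struct.unpack(">Q", signed[:8])
        if counter <= self._last_counter:
            raise ValueError("replayed or reordered frame")
        self._last_counter = counter
        return signed[8:]


def demo() -> list:
    # Assumption: this secret was exchanged over the encrypted registration connection.
    secret = os.urandom(32)
    agent = AgentVerifier(secret)
    frame = seal(secret, 1, b"constructed sample message")
    results = [agent.open(frame)]
    tampered = frame[:8] + b"C" + frame[9:]  # flip one body byte in transit
    for bad in (tampered, frame, seal(os.urandom(32), 2, b"x")):
        try:
            agent.open(bad)
            results.append("accepted")
        except ValueError as exc:
            results.append(str(exc))
    return results
```

The tag proves only that the sender holds the registration secret and that the message was not altered; telling a master from the leading master still needs a separate check.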
Issue Links
- relates to MESOS-9774 Design client side SSL certificate verification in Libprocess. (Resolved)