mesos-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alexander Rojas (JIRA)" <j...@apache.org>
Subject [jira] [Created] (MESOS-2620) Implement a mechanism which allows access control of endpoints
Date Wed, 15 Apr 2015 08:48:58 GMT
Alexander Rojas created MESOS-2620:
--------------------------------------

             Summary: Implement a mechanism which allows access control of endpoints
                 Key: MESOS-2620
                 URL: https://issues.apache.org/jira/browse/MESOS-2620
             Project: Mesos
          Issue Type: Improvement
            Reporter: Alexander Rojas
            Assignee: Alexander Rojas


h2. Rationale
As is currently implemented, libprocess processes are able to provide HTTP endpoints to serve
some client's requests. Any security requirement are left to the actual endpoint handler to
be implemented. Moreover, some common security checks (e.g., requiring the connection to be
perform over a secure channel or controlling the source of the connection) cannot be performed
at all since this attributes are not made available to the endpoint's handlers.

h2. Goal
Implement a mechanism which allows users of libprocess to install _firewall_ like rules which
can be easily applied to any incoming connection, decoupling the endpoint's handler from the
security layer.

Provide at least on rule which allow the selective disabling of endpoints. This also requires
mesos users to be able to manipule such rules.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message