mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jay Guo <guojiannan1...@gmail.com>
Subject Re: Review Request 58096: Added authorization for frameworks in /roles endpoint.
Date Wed, 21 Jun 2017 18:00:24 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58096/
-----------------------------------------------------------

(Updated June 22, 2017, 2 a.m.)


Review request for mesos, Adam B, Alexander Rojas, and Benjamin Mahler.


Changes
-------

rebase & address comments


Bugs: MESOS-7260
    https://issues.apache.org/jira/browse/MESOS-7260


Repository: mesos


Description
-------

While /roles displays a list of frameworksIds that register with
a role, it did NOT filter them based on VIEW_FRAMEWORK ACL, which
impose a security risk. This patch fixed this issue by taking a
frameworksApprover in `Master::Http::roles()` which is used to
filter framework IDs.


Diffs (updated)
-----

  src/master/http.cpp 4dd43fd7c3fb986f4eed78bce574b6d3af156b67 


Diff: https://reviews.apache.org/r/58096/diff/8/

Changes: https://reviews.apache.org/r/58096/diff/7-8/


Testing
-------

see next patch in the chain.


Thanks,

Jay Guo


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message