Adam B created MESOS-5150:
-----------------------------
Summary: Authorize Agent HTTP Endpoints
Key: MESOS-5150
URL: https://issues.apache.org/jira/browse/MESOS-5150
Project: Mesos
Issue Type: Epic
Components: security, slave
Reporter: Adam B
Assignee: Alexander Rojas
As we add authentication in agent http endpoint handlers in MESOS-4847, we now
have the opportunity to perform ACL-based authorization on these endpoints.
Most important is the authorization of the /files endpoints, as those allow
access to executor sandboxes (and agent logs), and the operator may wish to
control which users may access which sandboxes.
Similarly, the operator may only want certain users to be able to view agent
flags, change logging level, enable the profiler, etc.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
