Adam B created MESOS-5150: ----------------------------- Summary: Authorize Agent HTTP Endpoints Key: MESOS-5150 URL: https://issues.apache.org/jira/browse/MESOS-5150 Project: Mesos Issue Type: Epic Components: security, slave Reporter: Adam B Assignee: Alexander Rojas
As we add authentication in agent http endpoint handlers in MESOS-4847, we now have the opportunity to perform ACL-based authorization on these endpoints. Most important is the authorization of the /files endpoints, as those allow access to executor sandboxes (and agent logs), and the operator may wish to control which users may access which sandboxes. Similarly, the operator may only want certain users to be able to view agent flags, change logging level, enable the profiler, etc. -- This message was sent by Atlassian JIRA (v6.3.4#6332)