[
https://issues.apache.org/jira/browse/MESOS-5317?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15273873#comment-15273873
]
Adam B commented on MESOS-5317:
-------------------------------
Should we do GET_ENDPOINT_WITH_PATH coarse-grained authz on this endpoint, or
per-container/executor filtering?
[~jieyu], nobody's depending on this new endpoint yet right, so can we punt on
authn/z for it for now and recommend the endpoint be disabled on secure
clusters that care about protecting access to container stats? Then we can take
the time to design what authz should look like.
> Authorize the agent's '/containers' endpoint
> --------------------------------------------
>
> Key: MESOS-5317
> URL: https://issues.apache.org/jira/browse/MESOS-5317
> Project: Mesos
> Issue Type: Improvement
> Components: security, slave
> Reporter: Greg Mann
> Labels: authorization, mesosphere
> Fix For: 0.29.0
>
>
> After the agent's {{/containers}} endpoint is authenticated, we should
> enabled authorization as well.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
