[jira] [Commented] (MESOS-5406) Validate ACLs on creating an instance of local authorizer.

Adam B (JIRA) Sun, 22 May 2016 23:56:48 -0700

    [ 
https://issues.apache.org/jira/browse/MESOS-5406?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15296005#comment-15296005
 ]


Adam B commented on MESOS-5406:
-------------------------------

That sounds appropriate. Although, if permissive=true, then setting a 
permission object to ANY is redundant. Similarly, with permissive=false, 
setting object=NONE is redundant.

> Validate ACLs on creating an instance of local authorizer.
> ----------------------------------------------------------
>
>                 Key: MESOS-5406
>                 URL: https://issues.apache.org/jira/browse/MESOS-5406
>             Project: Mesos
>          Issue Type: Improvement
>          Components: security
>            Reporter: Alexander Rukletsov
>            Assignee: Jay Guo
>              Labels: mesosphere, security
>
> Some combinations of ACLs are not allowed, for example, specifying both 
> {{SetQuota}} and {{UpdateQuota}}. We should capture such issues and error out 
> early. 
> This ticket aims to add as many validations as possible to a dedicated 
> {{validate()}} routine, instead of having them implicitly in the codebase.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (MESOS-5406) Validate ACLs on creating an instance of local authorizer.

Reply via email to