Joerg Schad created MESOS-5588:
----------------------------------

Summary: Improve error handling when parsing acls.
Key: MESOS-5588
URL: https://issues.apache.org/jira/browse/MESOS-5588
Project: Mesos
Issue Type: Improvement
Reporter: Joerg Schad
Assignee: Joerg Schad

During parsing of the authorizer, errors are ignored. This can lead to undetected security issues.

Consider the following acl with a typo (usr instead of user):

{code}
"view_frameworks": [
  {
    "principals": { "type": "ANY" },
    "usr": { "type": "NONE" }
  }
]
{code}

When the master is started with these flags, it will interpret the acl in the following way, which gives any principal access to any framework.

{noformat}
view_frameworks {
  principals {
    type: ANY
  }
}
{noformat}
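
The failure mode reported above, next to a strict parser that rejects the typo instead of dropping it. This is an added example, not Mesos code. The field table (`principals`, `users`), the entity keys and types, and the function names are assumptions made for illustration, and the ACL from the issue is wrapped in an enclosing object so it parses as JSON.

```python
import json

# Assumed schema for this example: the fields each ACL action accepts.
ALLOWED_FIELDS = {"view_frameworks": {"principals", "users"}}
ENTITY_KEYS = {"type", "values"}
ENTITY_TYPES = {"ANY", "NONE", "SOME"}


class AclParseError(ValueError):
    """Raised when an ACL document contains anything the schema does not know."""


def parse_lenient(text):
    """Models the reported behaviour: unknown fields are silently dropped."""
    acls = json.loads(text)
    return {
        action: [{k: v for k, v in rule.items()
                  if k in ALLOWED_FIELDS.get(action, ())}
                 for rule in rules]
        for action, rules in acls.items()
    }


def parse_strict(text):
    """Fails closed on unknown actions, unknown or missing fields, bad entities."""
    acls = json.loads(text)
    for action, rules in acls.items():
        if action not in ALLOWED_FIELDS:
            raise AclParseError(f"unknown ACL action: {action!r}")
        for i, rule in enumerate(rules):
            unknown = set(rule) - ALLOWED_FIELDS[action]
            missing = ALLOWED_FIELDS[action] - set(rule)
            if unknown or missing:
                raise AclParseError(
                    f"{action}[{i}]: unknown fields {sorted(unknown)}, "
                    f"missing fields {sorted(missing)}")
            for field, entity in rule.items():
                if (not isinstance(entity, dict) or set(entity) - ENTITY_KEYS
                        or entity.get("type") not in ENTITY_TYPES):
                    raise AclParseError(
                        f"{action}[{i}].{field}: invalid entity {entity!r}")
    return acls


# Constructed input: the ACL from the issue, wrapped in an enclosing object.
TYPO_ACL = ('{"view_frameworks": [{"principals": {"type": "ANY"}, '
            '"usr": {"type": "NONE"}}]}')
```

With `parse_lenient` the rule loses its object restriction without any warning; with `parse_strict` the process refuses to start with that ACL, and the error message names the offending key.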