[ https://issues.apache.org/jira/browse/MESOS-5615?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15332735#comment-15332735 ]
Till Toenshoff edited comment on MESOS-5615 at 6/15/16 10:23 PM: ----------------------------------------------------------------- This however has implications; the derived {{ExecutorInfo}} is not just used for the authorizer once we do this metadata duplication in {{Slave::getExecutorInfo}} . Consider a framework author who needs to provide {{Label}} in a way that makes it unique across all Info's he is providing - say he does provide labels for {{TaskInfo}} and also for {{FrameworkInfo}}. This author may be rather surprised to see that suddenly such formerly unique {{Label}} is becoming duplicated and popping up for both, his tasks and the resulting executors when scraping slave endpoints. Same goes for {{DiscoveryInfo}} as attached to the original task. We need to document this behaviour well to prevent false assumptions. was (Author: tillt): This however has implications; the derived {{ExecutorInfo}} is not just used for the authorizer once we do this metadata duplication in {{Slave::getExecutorInfo}} . Consider a framework author who needs to provide {{Label}}s in a way that makes them unique across all Info's he is providing - say he does provide labels for {{TaskInfo}} and also for {{FrameworkInfo}}. This author may be rather surprised to see that suddenly such formerly unique {{Label}} is becoming duplicated and popping up for both, his tasks and the resulting executors when scraping slave endpoints. Same goes for {{DiscoveryInfo}} as attached to the original task. We need to document this behaviour well to prevent false assumptions. > When using command executor, the ExecutorInfo is useless for sandbox > authorization > ---------------------------------------------------------------------------------- > > Key: MESOS-5615 > URL: https://issues.apache.org/jira/browse/MESOS-5615 > Project: Mesos > Issue Type: Bug > Components: modules, security, slave > Affects Versions: 1.0.0 > Reporter: Alexander Rojas > Assignee: Joerg Schad > Priority: Blocker > Labels: authorization, mesosphere, modularization, security > Fix For: 1.0.0 > > > The design for sandbox access authorization uses the {{ExecutorInfo}} > associated with the task as the main authorization space and the > {{FrameworkInfo}} as a secondary one. This allows module writes to use fields > such a labels for authorization. > When a task uses the _command executor_ it doesn't provide an > {{ExecutorInfo}}, but the info object is generated automatically inside the > agent. As such, information which could be used for authorization (e.g. > labels) is not available for authorization. -- This message was sent by Atlassian JIRA (v6.3.4#6332)