[
https://issues.apache.org/jira/browse/MESOS-5615?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15332735#comment-15332735
]
Till Toenshoff edited comment on MESOS-5615 at 6/15/16 10:23 PM:
-----------------------------------------------------------------
This however has implications; the derived {{ExecutorInfo}} is not just used
for the authorizer once we do this metadata duplication in
{{Slave::getExecutorInfo}} .
Consider a framework author who needs to provide {{Label}} in a way that makes
it unique across all Info's he is providing - say he does provide labels for
{{TaskInfo}} and also for {{FrameworkInfo}}. This author may be rather
surprised to see that suddenly such formerly unique {{Label}} is becoming
duplicated and popping up for both, his tasks and the resulting executors when
scraping slave endpoints. Same goes for {{DiscoveryInfo}} as attached to the
original task.
We need to document this behaviour well to prevent false assumptions.
was (Author: tillt):
This however has implications; the derived {{ExecutorInfo}} is not just used
for the authorizer once we do this metadata duplication in
{{Slave::getExecutorInfo}} .
Consider a framework author who needs to provide {{Label}}s in a way that makes
them unique across all Info's he is providing - say he does provide labels for
{{TaskInfo}} and also for {{FrameworkInfo}}. This author may be rather
surprised to see that suddenly such formerly unique {{Label}} is becoming
duplicated and popping up for both, his tasks and the resulting executors when
scraping slave endpoints. Same goes for {{DiscoveryInfo}} as attached to the
original task.
We need to document this behaviour well to prevent false assumptions.
> When using command executor, the ExecutorInfo is useless for sandbox
> authorization
> ----------------------------------------------------------------------------------
>
> Key: MESOS-5615
> URL: https://issues.apache.org/jira/browse/MESOS-5615
> Project: Mesos
> Issue Type: Bug
> Components: modules, security, slave
> Affects Versions: 1.0.0
> Reporter: Alexander Rojas
> Assignee: Joerg Schad
> Priority: Blocker
> Labels: authorization, mesosphere, modularization, security
> Fix For: 1.0.0
>
>
> The design for sandbox access authorization uses the {{ExecutorInfo}}
> associated with the task as the main authorization space and the
> {{FrameworkInfo}} as a secondary one. This allows module writes to use fields
> such a labels for authorization.
> When a task uses the _command executor_ it doesn't provide an
> {{ExecutorInfo}}, but the info object is generated automatically inside the
> agent. As such, information which could be used for authorization (e.g.
> labels) is not available for authorization.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
