James Peach created MESOS-7401:
----------------------------------
Summary: Optionally pin UPIDs to their IP address.
Key: MESOS-7401
URL: https://issues.apache.org/jira/browse/MESOS-7401
Project: Mesos
Issue Type: Bug
Components: libprocess
Reporter: James Peach
Assignee: James Peach
Priority: Minor
{{libprocess}} does no validation of the peer UPID so in some deployments it is
trivial to inject bogus messages and impersonate legitimate actors. If we add a
check to verify that messages are received from the same IP address as the peer
UPID claims to be using, we can increase the difficulty of UPID spoofing, and
mitigate this somewhat.
For compatibility, this has to be an optional setting and disabled by default.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
