[
https://issues.apache.org/jira/browse/MESOS-9006?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17126413#comment-17126413
]
Dong Zhu edited comment on MESOS-9006 at 6/5/20, 5:55 AM:
----------------------------------------------------------
[~bbannier] Here is the output while executing the GET_AGENT call from the agent
with authorization enabled:
{code:json}
{
  "type": "GET_AGENT",
  "get_agent": {
    "agent_info": {
      "hostname": "172.16.9.188",
      "port": 5051,
      "resources": [
        {
          "name": "cpus",
          "type": "SCALAR",
          "scalar": {
            "value": 2.0
          }
        },
        {
          "name": "mem",
          "type": "SCALAR",
          "scalar": {
            "value": 2763.0
          }
        },
        {
          "name": "disk",
          "type": "SCALAR",
          "scalar": {
            "value": 46068.0
          }
        },
        {
          "name": "ports",
          "type": "RANGES",
          "ranges": {
            "range": [
              {
                "begin": 31000,
                "end": 32000
              }
            ]
          }
        }
      ],
      "id": {
        "value": "4aa947e1-0815-458b-9277-c7fef46369ee-S0"
      }
    }
  }
}
{code}
What kind of resource does it leak? I don't see sensitive data there.
> The agent's GET_AGENT leaks resource information when using authorization
> -------------------------------------------------------------------------
>
> Key: MESOS-9006
> URL: https://issues.apache.org/jira/browse/MESOS-9006
> Project: Mesos
> Issue Type: Bug
> Reporter: Benjamin Bannier
> Priority: Critical
> Labels: agent, integration, security
>
> While the master's {{GET_AGENTS}} call e.g., filters resources (by using an
> approver with {{VIEW_ROLE}}) so that it does not leak resources the querying
> principal should not be able to see, no such filtering is done in the
> corresponding agent's {{GET_AGENT}} call.
> This call should be authorized as well, so that it does not expose information
> we expect not to be visible.
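The description above contrasts the master's GET_AGENTS handler, which filters resources through a VIEW_ROLE approver, with the agent's GET_AGENT handler, which returns them unfiltered. The C++ block below is an added example and not Mesos code: it models that filtering step with a simplified approver interface and applies it to the unreserved resources from the GET_AGENT output in this thread plus two constructed reservations. The names `Resource`, `ObjectApprover`, `ViewRoleApprover`, `filterResources` and `exposedRoles` are hypothetical stand-ins for the richer Mesos types, and the example assumes that unreserved ("*") resources are viewable by any principal.

```cpp
// Added example, not Mesos code: a simplified model of the VIEW_ROLE resource
// filtering that the master's GET_AGENTS applies, shown so that an agent-side
// GET_AGENT handler could apply the same check. All type and function names
// here are hypothetical stand-ins for the richer Mesos types.
#include <cstddef>
#include <set>
#include <string>
#include <utility>
#include <vector>

// Minimal stand-in for a Mesos Resource: name, scalar value and the role the
// resource is reserved for. "*" marks an unreserved resource, which is what the
// GET_AGENT output in this thread contains (its resources carry no role field).
struct Resource {
  std::string name;
  double value;
  std::string role;
};

// Hypothetical approver interface: decides whether the querying principal may
// view objects belonging to a role. (Mesos's ObjectApprover takes a richer
// Object and returns Try<bool>; this is a deliberate simplification.)
class ObjectApprover {
 public:
  virtual ~ObjectApprover() = default;
  virtual bool approved(const std::string& role) const = 0;
};

// VIEW_ROLE approver backed by an allow-list of roles for one principal.
// Assumption made here: unreserved ("*") resources are viewable by everyone.
class ViewRoleApprover : public ObjectApprover {
 public:
  explicit ViewRoleApprover(std::set<std::string> roles)
    : roles_(std::move(roles)) {}

  bool approved(const std::string& role) const override {
    return role == "*" || roles_.count(role) > 0;
  }

 private:
  std::set<std::string> roles_;
};

// The filtering step itself: keep only resources the approver accepts. This is
// the step the report says GET_AGENTS performs and GET_AGENT does not.
std::vector<Resource> filterResources(
    const std::vector<Resource>& resources,
    const ObjectApprover& approver) {
  std::vector<Resource> visible;
  for (const Resource& r : resources) {
    if (approver.approved(r.role)) {
      visible.push_back(r);
    }
  }
  return visible;
}

// Constructed sample input: the three unreserved scalar resources from the
// GET_AGENT output above, plus two reservations for distinct roles that an
// unfiltered response would return to any authenticated principal.
std::vector<Resource> sampleResources() {
  return {
    {"cpus", 2.0, "*"},
    {"mem", 2763.0, "*"},
    {"disk", 46068.0, "*"},
    {"cpus", 4.0, "analytics"},
    {"mem", 8192.0, "finance"},
  };
}

// Roles present in an unfiltered response that the principal may not view.
// A defender can use this to measure what an unfiltered endpoint exposes.
std::set<std::string> exposedRoles(const std::vector<Resource>& resources,
                                   const ObjectApprover& approver) {
  std::set<std::string> exposed;
  for (const Resource& r : resources) {
    if (!approver.approved(r.role)) {
      exposed.insert(r.role);
    }
  }
  return exposed;
}

// Number of resources a principal with the given role allow-list would see
// after filtering.
std::size_t visibleCount(const std::set<std::string>& roles) {
  return filterResources(sampleResources(), ViewRoleApprover(roles)).size();
}
```

In the GET_AGENT output earlier in the thread every resource is unreserved, so a VIEW_ROLE filter would return that response unchanged; the exposure the report describes arises when an agent holds reservations for roles the querying principal is not permitted to view, which the filtered master path omits and the unfiltered agent path returns.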
--
This message was sent by Atlassian Jira
(v8.3.4#803005)