----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/58255/#review171920 -----------------------------------------------------------
Add TODO to possibly move into authorizer, create ticket for consistent authZ story across executors and frameworks. src/slave/http.cpp Lines 731 (patched) <https://reviews.apache.org/r/58255/#comment244932> Return Forbidden? - Greg Mann On April 12, 2017, 7:28 a.m., Greg Mann wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/58255/ > ----------------------------------------------------------- > > (Updated April 12, 2017, 7:28 a.m.) > > > Review request for mesos, Adam B, Alexander Rojas, and Till Toenshoff. > > > Bugs: MESOS-7339 > https://issues.apache.org/jira/browse/MESOS-7339 > > > Repository: mesos > > > Description > ------- > > This patch updates the agent handler for the executor API to > verify the FrameworkID and ExecutorID contained within the > executor's `Principal`, if present. This effectively performs > implicit authorization of executor calls. > > > Diffs > ----- > > src/slave/http.cpp 468cf332d79ed7315ecf51955235735dec0a2df1 > > > Diff: https://reviews.apache.org/r/58255/diff/2/ > > > Testing > ------- > > Testing details can be found at the end of this chain. > > > Thanks, > > Greg Mann > >
