Alexander Rojas created MESOS-5682: -------------------------------------- Summary: The /flags endpoints use authorization but there is a bypass to get their content Key: MESOS-5682 URL: https://issues.apache.org/jira/browse/MESOS-5682 Project: Mesos Issue Type: Bug Components: master, slave Reporter: Alexander Rojas Priority: Minor
The {{/flags}} endpoints use authorization in both, master and agent. However the contents of the flags are available without any need for authorization by accessing the {{/state}} endpoints on both, master and agents. -- This message was sent by Atlassian JIRA (v6.3.4#6332)