Documented that master message validation is best effort. Review: https://reviews.apache.org/r/58622/
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/54e47b44 Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/54e47b44 Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/54e47b44 Branch: refs/heads/master Commit: 54e47b443063c5f2a7565dd4e9e562f16cf8925b Parents: e83551d Author: James Peach <[email protected]> Authored: Wed Apr 26 15:36:22 2017 -0400 Committer: Neil Conway <[email protected]> Committed: Wed Apr 26 16:01:38 2017 -0400 ---------------------------------------------------------------------- src/master/validation.hpp | 7 +++++++ 1 file changed, 7 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/mesos/blob/54e47b44/src/master/validation.hpp ---------------------------------------------------------------------- diff --git a/src/master/validation.hpp b/src/master/validation.hpp index ad9d07c..6b53e34 100644 --- a/src/master/validation.hpp +++ b/src/master/validation.hpp @@ -57,6 +57,13 @@ Option<Error> validate( namespace message { +// Validation helpers for internal Mesos protocol messages. This is a +// best-effort validation, intended to prevent trivial attacks on the +// protocol in deployments where the network between master and agents +// is not secured. The longer term remedy for this is to make security +// guarantees at the libprocess level that would prevent arbitrary UPID +// impersonation (MESOS-7424). + Option<Error> registerSlave( const SlaveInfo& slaveInfo, const std::vector<Resource>& checkpointedResources);
