[
https://issues.apache.org/jira/browse/MESOS-1486?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14034079#comment-14034079
]
Benjamin Hindman commented on MESOS-1486:
-----------------------------------------
I think the issue here would be that the slave might be revealing it's
credentials to a malicious master which could then use those credentials to
register with the real master as that slave. I think we're starting to get into
kerberos territory. For non-kerberos users we just might not be able to safely
provide mutual authentication, and if that's required we should likely be
pointing people to use kerberos (assuming, of course, that it provides what's
necessary here).
> Add authentication of masters in slaves.
> ----------------------------------------
>
> Key: MESOS-1486
> URL: https://issues.apache.org/jira/browse/MESOS-1486
> Project: Mesos
> Issue Type: Improvement
> Components: slave
> Reporter: Niklas Quarfot Nielsen
>
> Like masters can whitelist slaves (and only announce available resources from
> slaves whitelisted), slaves should be able to whitelist masters they are
> willing/allowed to connect to. I have a proof-of-concept ready which ties
> into the slave::detected() method and prevents non-whitelisted masters to
> register.
> If "*" is provided - whitelisting is not enforced (which would be the usual
> case).
--
This message was sent by Atlassian JIRA
(v6.2#6252)
