[
https://issues.apache.org/jira/browse/MESOS-1678?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14088409#comment-14088409
]
Joe Smith commented on MESOS-1678:
----------------------------------
Yep, sounds great!
> Any framework with credentials can kill any other framework via http
> --------------------------------------------------------------------
>
> Key: MESOS-1678
> URL: https://issues.apache.org/jira/browse/MESOS-1678
> Project: Mesos
> Issue Type: Story
> Reporter: Joe Smith
>
> Looking through [the review introducing the /shutdown http
> endpoint|https://reviews.apache.org/r/22832], it appears that any framework's
> credentials can be used to shutdown any other framework:
> Around line 650:
> {code}
> foreach (const Credential& credential, master->credentials.get().http()) {
> if (credential.principal() == username &&
> (!credential.has_secret() || credential.secret() == password)) {
> // TODO(ijimenez) make removeFramework asynchronously
> master->removeFramework(framework);
> return OK();
> }
> }
> {code}
> Thanks to [~adam-mesos], I looked into in [authorization
> doc|https://github.com/apache/mesos/blob/master/docs/authorization.md],
> however I don't see where the ACL-checking is happening within that code.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
