[
https://issues.apache.org/jira/browse/MESOS-4772?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15169198#comment-15169198
]
James DeFelice commented on MESOS-4772:
---------------------------------------
The more I think about a namespace-based approach, the more I like it.
"Ownership" isn't leaked into task this way and it keeps the security model
more flexible. It could be made even more generic to support an expanded set of
use cases.
I'd vote for a TaskInfo.GroupName field (repeated string). Group names could be
used for security policy targets, billing, etc. A group name value of
"ns:a/b/c" could indicate namespace "a/b/c" (and some other actor could decide
what it means to be namespaced). A group value of "billing:it/ecommerce/dev"
could provide guidance to a charge-back system.
> TaskInfo/ExecutorInfo should include owner information
> ------------------------------------------------------
>
> Key: MESOS-4772
> URL: https://issues.apache.org/jira/browse/MESOS-4772
> Project: Mesos
> Issue Type: Improvement
> Components: security
> Reporter: Adam B
> Assignee: Jan Schlicht
> Labels: authorization, mesosphere, ownership, security
>
> We need a way to assign fine-grained ownership to tasks/executors so that
> multi-user frameworks can tell Mesos to associate the task with a user
> identity (rather than just the framework principal+role). Then, when an HTTP
> user requests to view the task's sandbox contents, or kill the task, or list
> all tasks, the authorizer can determine whether to allow/deny/filter the
> request based on finer-grained, user-level ownership.
> Some systems may want TaskInfo.owner to represent a group rather than an
> individual user. That's fine as long as the framework sets the field to the
> group ID in such a way that a group-aware authorizer can interpret it.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
