[
https://issues.apache.org/jira/browse/MESOS-5153?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15317994#comment-15317994
]
Adam B commented on MESOS-5153:
-------------------------------
commit f29e9e338c1c1429c668f42a4252ca0d87533ad3
Author: Alexander Rojas <[email protected]>
Date: Mon Jun 6 23:50:47 2016 -0700
Updated endpoint documentation.
Rerun `generate-endpoint-help.py` after updating the documentation on
all `master::internal::Files` endpoints.
Review: https://reviews.apache.org/r/48311/
> Sandboxes contents should be protected from unauthorized users
> --------------------------------------------------------------
>
> Key: MESOS-5153
> URL: https://issues.apache.org/jira/browse/MESOS-5153
> Project: Mesos
> Issue Type: Bug
> Components: security, slave
> Reporter: Alexander Rojas
> Assignee: Alexander Rojas
> Labels: mesosphere, security
> Fix For: 1.0.0
>
>
> MESOS-4956 introduced authentication support for the sandboxes. However,
> authentication can only go as far as to tell whether an user is known to
> mesos or not. An extra additional step is necessary to verify whether the
> known user is allowed to executed the requested operation on the sandbox
> (browse, read, download, debug).
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
