[jira] [Commented] (MESOS-5405) Make fields in authorization::Request protobuf optional.

Tue, 07 Jun 2016 00:41:47 -0700 

    [ 
https://issues.apache.org/jira/browse/MESOS-5405?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15318060#comment-15318060
 ] 

Till Toenshoff commented on MESOS-5405:
---------------------------------------

{noformat}
commit b9998d1473d50fe8fe4001c69c44dbfba16d7fea
Author: Joerg Schad <[email protected]>
Date:   Tue May 31 20:57:18 2016 -0600

    Changed the ObjectApprover interface for optional subject and objects.

    Review 47505 changed the Request.object and subject to become optional
    fields.This patch adapts the ObjectApprover interface to deal with this
    behavior.

    Review: https://reviews.apache.org/r/48101/
{noformat}

> Make fields in authorization::Request protobuf optional.
> --------------------------------------------------------
>
>                 Key: MESOS-5405
>                 URL: https://issues.apache.org/jira/browse/MESOS-5405
>             Project: Mesos
>          Issue Type: Bug
>            Reporter: Alexander Rukletsov
>            Assignee: Till Toenshoff
>            Priority: Blocker
>              Labels: mesosphere, security
>             Fix For: 1.0.0
>
>
> Currently {{authorization::Request}} protobuf declares {{subject}} and 
> {{object}} as required fields. However, in the codebase we not always set 
> them, which renders the message in the uninitialized state, for example:
>  * 
> https://github.com/apache/mesos/blob/0bfd6999ebb55ddd45e2c8566db17ab49bc1ffec/src/common/http.cpp#L603
>  * 
> https://github.com/apache/mesos/blob/0bfd6999ebb55ddd45e2c8566db17ab49bc1ffec/src/master/http.cpp#L2057
> I believe that the reason why we don't see issues related to this is because 
> we never send authz requests over the wire, i.e., never serialize/deserialize 
> them. However, they are still invalid protobuf messages. Moreover, some 
> external authorizers may serialize these messages.
> We can either ensure all required fields are set or make both {{subject}} and 
> {{object}} fields optional. This will also require updating local authorizer, 
> which should properly handle the situation when these fields are absent. We 
> may also want to notify authors of external authorizers to update their code 
> accordingly.
> It looks like no deprecation is necessary, mainly because we 
> already—erroneously!—treat these fields as optional.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to