[jira] [Commented] (MESOS-5405) Make fields in authorization::Request protobuf optional.

Tue, 07 Jun 2016 02:38:31 -0700 

    [ 
https://issues.apache.org/jira/browse/MESOS-5405?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15318223#comment-15318223
 ] 

Till Toenshoff commented on MESOS-5405:
---------------------------------------

{noformat}
commit 90871a48f4f1a345950862a53efb78e0b9aadedb
Author: Joerg Schad <[email protected]>
Date:   Tue Jun 7 11:34:53 2016 +0200

    Fixed documentation for MESOS-5405.

    As MESOS-5405 changes the fields in `Request` to optional, we need to
    update the documentation.

    Review: https://reviews.apache.org/r/48263/
{noformat}

> Make fields in authorization::Request protobuf optional.
> --------------------------------------------------------
>
>                 Key: MESOS-5405
>                 URL: https://issues.apache.org/jira/browse/MESOS-5405
>             Project: Mesos
>          Issue Type: Bug
>            Reporter: Alexander Rukletsov
>            Assignee: Till Toenshoff
>            Priority: Blocker
>              Labels: mesosphere, security
>             Fix For: 1.0.0
>
>
> Currently {{authorization::Request}} protobuf declares {{subject}} and 
> {{object}} as required fields. However, in the codebase we not always set 
> them, which renders the message in the uninitialized state, for example:
>  * 
> https://github.com/apache/mesos/blob/0bfd6999ebb55ddd45e2c8566db17ab49bc1ffec/src/common/http.cpp#L603
>  * 
> https://github.com/apache/mesos/blob/0bfd6999ebb55ddd45e2c8566db17ab49bc1ffec/src/master/http.cpp#L2057
> I believe that the reason why we don't see issues related to this is because 
> we never send authz requests over the wire, i.e., never serialize/deserialize 
> them. However, they are still invalid protobuf messages. Moreover, some 
> external authorizers may serialize these messages.
> We can either ensure all required fields are set or make both {{subject}} and 
> {{object}} fields optional. This will also require updating local authorizer, 
> which should properly handle the situation when these fields are absent. We 
> may also want to notify authors of external authorizers to update their code 
> accordingly.
> It looks like no deprecation is necessary, mainly because we 
> already—erroneously!—treat these fields as optional.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to