[jira] [Commented] (MESOS-5615) When using command executor, the ExecutorInfo is useless for sandbox authorization

Wed, 15 Jun 2016 05:19:25 -0700 

    [ 
https://issues.apache.org/jira/browse/MESOS-5615?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15331616#comment-15331616
 ] 

Alexander Rojas commented on MESOS-5615:
----------------------------------------

After discussing this issue there are four alternatives we could consider:

#. Do nothing in Mesos, if framework writers want to do authorization on labels 
from the {{ExecutorInfo}} they will have to set one. _Disadvantages_: Some 
values of the {{ExecutorInfo}} in the command executor case are based on Mesos 
configuration which wouldn't be available to frameworks.
#. If the command info is used, set the {{task_info}} field on the 
{{authorization::Object}} message instead of the {{executor_info}} one.
#. Copy all labels and similar meta data from the {{TaskInfo}} to the generated 
{{ExecutorInfo}}. _Advantage_: Keeps code changes concise and localized. 
_Disadvantages_: It increases the memory footprint of the agent's bookkeeping 
classes, since possible big blobs would be kept in memory on different objects.
#. Make the {{task_info}} field on the {{authorizer::Object}} repeated instead 
of optional, and add all tasks associated to the executor to the authorization 
fields.

> When using command executor, the ExecutorInfo is useless for sandbox 
> authorization
> ----------------------------------------------------------------------------------
>
>                 Key: MESOS-5615
>                 URL: https://issues.apache.org/jira/browse/MESOS-5615
>             Project: Mesos
>          Issue Type: Bug
>          Components: modules, security, slave
>    Affects Versions: 1.0.0
>            Reporter: Alexander Rojas
>            Priority: Blocker
>              Labels: authorization, mesosphere, modularization, security
>
> The design for sandbox access authorization uses the {{ExecutorInfo}} 
> associated with the task as the main authorization space and the 
> {{FrameworkInfo}} as a secondary one. This allows module writes to use fields 
> such a labels for authorization.
> When a task uses the _command executor_ it doesn't provide an 
> {{ExecutorInfo}}, but the info object is generated automatically inside the 
> agent. As such, information which could be used for authorization (e.g. 
> labels) is not available for authorization.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to