[
https://issues.apache.org/jira/browse/MESOS-5588?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15335933#comment-15335933
]
Till Toenshoff commented on MESOS-5588:
---------------------------------------
{noformat}
commit a1a9108338b37f2aea0a575dfc7cbca5b8489cc1
Author: Alexander Rojas <[email protected]>
Date: Fri Jun 17 13:02:38 2016 +0200
Marked some optional fields in acls.proto as required.
The messages `GetEndpoints`, `ViewFramework`, `ViewTask`, `ViewExecutor`
and `AccessSandbox` all have optional authorization objects as a result
of copy and pasting a previous message, but their semantics were those
of a required field, which led to some unexpected behavior when a user
mistyped any entry there.
This patch sets the fields to their actual expected values.
Review: https://reviews.apache.org/r/48781/
{noformat}
> Improve error handling when parsing acls.
> -----------------------------------------
>
> Key: MESOS-5588
> URL: https://issues.apache.org/jira/browse/MESOS-5588
> Project: Mesos
> Issue Type: Improvement
> Reporter: Joerg Schad
> Assignee: Joerg Schad
> Priority: Blocker
> Labels: mesosphere, security
> Fix For: 1.0.0
>
>
> During parsing of the authorizer, errors are ignored. This can lead to
> undetected security issues.
> Consider the following acl with a typo (usr instead of user):
> {code}
> "view_frameworks": [
>   {
>     "principals": { "type": "ANY" },
>     "usr": { "type": "NONE" }
>   }
> ]
> {code}
> When the master is started with these flags it will interpret the acl in the
> following way, which gives any principal access to any framework:
> {noformat}
> view_frameworks {
> principals {
> type: ANY
> }
> }
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
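A strict validator for the ACL JSON discussed in this issue, added here as an example (not Mesos code): it rejects unknown keys and missing required entities, so a typo such as "usr" fails at startup instead of silently widening the rule. The schema dict, the `permissive` handling and the Entity type names are assumptions modelled on acls.proto.

```python
import json

# ACL lists this validator understands, mapping each list name to the keys
# every rule must carry. Only "view_frameworks" comes from the issue; the
# other lists in acls.proto can be added with the same shape (assumption).
ACL_SCHEMA = {"view_frameworks": ("principals", "users")}
TOP_LEVEL_SCALARS = {"permissive"}          # non-list ACL settings (assumed)
ENTITY_TYPES = {"ANY", "NONE", "SOME"}       # Entity.Type in acls.proto (assumed)

def check_entity(path, entity, errors):
    """Validate one {"type": ..., "values": [...]} entity object."""
    if not isinstance(entity, dict):
        errors.append(f"{path}: entity must be an object")
        return
    for key in sorted(set(entity) - {"type", "values"}):
        errors.append(f"{path}: unknown key {key!r}")
    etype = entity.get("type", "SOME")       # protobuf default is SOME
    if etype not in ENTITY_TYPES:
        errors.append(f"{path}: unknown entity type {etype!r}")
    elif etype == "SOME" and not entity.get("values"):
        errors.append(f"{path}: type SOME needs a non-empty 'values' list")


def validate_acls(acls_json):
    """Return error strings; empty means well-formed. Unlike a lenient
    JSON-to-protobuf parser, unknown keys and unset required fields are
    reported rather than dropped or defaulted."""
    errors = []
    for list_name, rules in json.loads(acls_json).items():
        if list_name in TOP_LEVEL_SCALARS:
            continue
        if list_name not in ACL_SCHEMA:
            errors.append(f"{list_name}: unknown ACL list")
            continue
        required = ACL_SCHEMA[list_name]
        for i, rule in enumerate(rules):
            path = f"{list_name}[{i}]"
            for key in sorted(set(rule) - set(required)):
                errors.append(f"{path}: unknown key {key!r}")
            for key in required:
                if key not in rule:
                    errors.append(f"{path}: missing required key {key!r}")
                else:
                    check_entity(f"{path}.{key}", rule[key], errors)
    return errors


# Constructed sample reproducing the issue's typo ("usr" instead of "users").
TYPO_ACLS = '{"view_frameworks": [{"principals": {"type": "ANY"}, "usr": {"type": "NONE"}}]}'
```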