[jira] [Updated] (MESOS-6670) Authz for Agent v1 operator API

Mon, 12 Dec 2016 01:18:07 -0800 

     [ 
https://issues.apache.org/jira/browse/MESOS-6670?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Adam B updated MESOS-6670:
--------------------------
    Description: 
Of the agent's current v1 operator Calls,
- Some don't need authz:
    GET_HEALTH = 1
    GET_VERSION = 3;
    GET_METRICS = 4;
    GET_LOGGING_LEVEL = 5;

- Most of the others already have authz:
    LIST_FILES = 7;
    READ_FILE = 8;
    GET_STATE = 9;
    GET_FRAMEWORKS = 11;
    GET_EXECUTORS = 12;
    GET_TASKS = 13;
    LAUNCH_NESTED_CONTAINER = 14;
    WAIT_NESTED_CONTAINER = 15;
    KILL_NESTED_CONTAINER = 16;
    LAUNCH_NESTED_CONTAINER_SESSION = 17;
    ATTACH_CONTAINER_INPUT = 18;
    ATTACH_CONTAINER_OUTPUT = 19;

- Some don't have authz, but need it, and these are the ones we're worried 
about.
    GET_FLAGS = 2;
    SET_LOGGING_LEVEL = 6;
    GET_CONTAINERS = 10;

  was:
Of the agent's current v1 operator Calls,
- Some don't need authz:
    GET_HEALTH = 1
    GET_VERSION = 3;
    GET_METRICS = 4;
    GET_LOGGING_LEVEL = 5;

- Some already have authz:
    LIST_FILES = 7;
    READ_FILE = 8;
    LAUNCH_NESTED_CONTAINER = 14;
    WAIT_NESTED_CONTAINER = 15;
    KILL_NESTED_CONTAINER = 16;

- Some probably have authz (filtering), but we need to test/verify
    GET_STATE = 9;
    GET_FRAMEWORKS = 11;
    GET_EXECUTORS = 12;
    GET_TASKS = 13;

- Some don't have authz, but need it
    GET_FLAGS = 2;
    SET_LOGGING_LEVEL = 6;
    GET_CONTAINERS = 10;

- Some are brand new, and their authz is covered by MESOS-6474
    LAUNCH_NESTED_CONTAINER_SESSION = 17;
    ATTACH_CONTAINER_INPUT = 18;
    ATTACH_CONTAINER_OUTPUT = 19;


> Authz for Agent v1 operator API
> -------------------------------
>
>                 Key: MESOS-6670
>                 URL: https://issues.apache.org/jira/browse/MESOS-6670
>             Project: Mesos
>          Issue Type: Epic
>          Components: security
>            Reporter: Adam B
>            Assignee: Alexander Rojas
>              Labels: security
>             Fix For: 1.2.0
>
>
> Of the agent's current v1 operator Calls,
> - Some don't need authz:
>     GET_HEALTH = 1
>     GET_VERSION = 3;
>     GET_METRICS = 4;
>     GET_LOGGING_LEVEL = 5;
> - Most of the others already have authz:
>     LIST_FILES = 7;
>     READ_FILE = 8;
>     GET_STATE = 9;
>     GET_FRAMEWORKS = 11;
>     GET_EXECUTORS = 12;
>     GET_TASKS = 13;
>     LAUNCH_NESTED_CONTAINER = 14;
>     WAIT_NESTED_CONTAINER = 15;
>     KILL_NESTED_CONTAINER = 16;
>     LAUNCH_NESTED_CONTAINER_SESSION = 17;
>     ATTACH_CONTAINER_INPUT = 18;
>     ATTACH_CONTAINER_OUTPUT = 19;
> - Some don't have authz, but need it, and these are the ones we're worried 
> about.
>     GET_FLAGS = 2;
>     SET_LOGGING_LEVEL = 6;
>     GET_CONTAINERS = 10;



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to