[
https://issues.apache.org/jira/browse/MESOS-7066?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Adam B reassigned MESOS-7066:
-----------------------------
Assignee: (was: Adam B)
> Allow permissive bit to be set for individual acls (in addition to the global
> level)
> ------------------------------------------------------------------------------------
>
> Key: MESOS-7066
> URL: https://issues.apache.org/jira/browse/MESOS-7066
> Project: Mesos
> Issue Type: Improvement
> Components: security
> Reporter: Anindya Sinha
> Priority: Minor
> Labels: acl
>
> Currently, while defining ACLs for master or agents, there is a boolean field
> {{permissive}} that can be set on the global level that applies to all acls.
> It defines the behavior when no ACL matches to the request made. If set to
> true (which is the default) it will allow by default all non-matching
> requests, if set to false it will reject all non-matching requests.
> We should consider supporting a local {{permissive}} field specific to each
> ACL which would override the global {{permissive}} field if the local
> {{permissive}} field is set.
> The use case is that if support for a new ACL is added to master or agent,
> and a cluster uses the global {{permissive}} field set to {{false}}, that
> would imply that the authorization for the newly added ACL shall fail unless
> the operator adds the corresponding entry for the newly added ACL, which
> leads to a upgrade issue.
> If we have both the global as well as local {{permissive}} bit, then the
> global {{permissive}} bit can be set to {{true}}, whereas the local
> {{permissive}} bit can be set to true or false based on the use case. With
> this approach, it would not be mandatory to add an entry for the new ACL
> entry unless the operator chooses to do so.
> That obviously also leads to the fact that maybe we should not have the
> global {{permissive}} bit in the first place.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
