> On April 19, 2017, 12:33 a.m., Vinod Kone wrote: > > While these tests are good I'm wondering if they are realistic, because the > > assumption is that someone knows the agent's secret key but doesn't know > > the container id of the executor they want to attack. In reality it's the > > opposite; they know the container id of the executor they want to attack > > but not the agent's key. Just a thought.
True, it's a contrived scenario, but it's the only way for us to test the authorization logic. A token generated with an incorrect key will fail the authentication step. We don't have any end-to-end authentication tests for HTTP executors, so we could add those instead of/in addition to these tests. - Greg ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/58428/#review172293 ----------------------------------------------------------- On April 14, 2017, 9:18 p.m., Greg Mann wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/58428/ > ----------------------------------------------------------- > > (Updated April 14, 2017, 9:18 p.m.) > > > Review request for mesos, Anand Mazumdar and Vinod Kone. > > > Bugs: MESOS-7339 > https://issues.apache.org/jira/browse/MESOS-7339 > > > Repository: mesos > > > Description > ------- > > This patch adds new tests to verify that HTTP executors cannot > subscribe or launch nested containers when HTTP executor > authentication is enabled, authorization is enabled, and they > do not provide a valid executor authentication token > > > Diffs > ----- > > src/tests/slave_authorization_tests.cpp > 3657e0a3d19d75cef92e5bf90b65ef00c291b032 > > > Diff: https://reviews.apache.org/r/58428/diff/3/ > > > Testing > ------- > > `make check` > > > Thanks, > > Greg Mann > >
