Joerg Schad created MESOS-5588:
----------------------------------

             Summary: Improve error handling when parsing acls.
                 Key: MESOS-5588
                 URL: https://issues.apache.org/jira/browse/MESOS-5588
             Project: Mesos
          Issue Type: Improvement
            Reporter: Joerg Schad
            Assignee: Joerg Schad


During parsing of the authorizer, errors are ignored. This can lead to 
undetected security issues.

Consider the following ACL with a typo (usr instead of user):
{code}
"view_frameworks": [
  {
    "principals": { "type": "ANY" },
    "usr": { "type": "NONE" }
  }
]
{code}

When the master is started with these flags, it will interpret the ACL in the 
following way, which gives any principal access to any framework.

{noformat}
view_frameworks {
  principals {
    type: ANY
  }
}
{noformat}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
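
The failure mode reported above, as an added example that is not part of the original report and is not Mesos code: a lenient parser that drops unknown fields next to a strict one that rejects them. The `KNOWN_FIELDS` table (including the field name `users`), the function names, and the sample input wrapped in `{}` are assumptions made for illustration.

```python
import json

# Assumed schema for illustration: the fields each ACL action accepts.
KNOWN_FIELDS = {"view_frameworks": {"principals", "users"}}

# Constructed sample: the ACL from the report, wrapped in an object.
SAMPLE = """{"view_frameworks": [
  {"principals": {"type": "ANY"}, "usr": {"type": "NONE"}}
]}"""


def parse_lenient(text):
    """Mimic the reported behaviour: unknown fields are silently dropped."""
    acls = json.loads(text)
    return {
        action: [{k: v for k, v in entry.items() if k in KNOWN_FIELDS[action]}
                 for entry in entries]
        for action, entries in acls.items() if action in KNOWN_FIELDS
    }


def parse_strict(text):
    """Fail closed: any unknown or missing field aborts loading the ACLs."""
    acls = json.loads(text)
    errors = []
    for action, entries in acls.items():
        allowed = KNOWN_FIELDS.get(action)
        if allowed is None:
            errors.append(f"unknown action '{action}'")
            continue
        for i, entry in enumerate(entries):
            for key in sorted(set(entry) - allowed):
                errors.append(f"{action}[{i}]: unknown field '{key}'")
            for key in sorted(allowed - set(entry)):
                errors.append(f"{action}[{i}]: missing field '{key}'")
    if errors:
        raise ValueError("; ".join(errors))
    return acls


if __name__ == "__main__":
    # The restriction on the object side is gone; only "principals: ANY" remains.
    print("lenient:", parse_lenient(SAMPLE))
    try:
        parse_strict(SAMPLE)
    except ValueError as err:
        print("strict :", err)
```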
