mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From James DeFelice <james.defel...@gmail.com>
Subject Re: Review Request 50215: Updated pre exec commands as non-shell in docker volume isolator.
Date Wed, 27 Jul 2016 04:03:23 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/50215/#review143666
-----------------------------------------------------------




src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp (line 494)
<https://reviews.apache.org/r/50215/#comment209535>

    what stops a user from injecting a '; in the source and then following it up with an arbitrary
command?


- James DeFelice


On July 26, 2016, 9:08 p.m., Gilbert Song wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/50215/
> -----------------------------------------------------------
> 
> (Updated July 26, 2016, 9:08 p.m.)
> 
> 
> Review request for mesos, Artem Harutyunyan, Jie Yu, and Timothy Chen.
> 
> 
> Bugs: MESOS-5388
>     https://issues.apache.org/jira/browse/MESOS-5388
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> By adding apostrophes to mount 'source' and 'target', arbitraty
> commands defined by users postfixed to 'container_path' will
> take no effect. 'mount' command will return an error for invalid
> mount 'target'.
> 
> 
> Diffs
> -----
> 
>   src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp 96806a75e6f7abc3a229c01b375fdba30d267ab4

> 
> Diff: https://reviews.apache.org/r/50215/diff/
> 
> 
> Testing
> -------
> 
> make check
> 
> sudo ./bin/mesos-tests.sh
> 
> 
> Thanks,
> 
> Gilbert Song
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message