mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gilbert Song <>
Subject Re: Review Request 50214: Supported non-shell command in MesosLaunch to avoid arbitrary commands.
Date Wed, 27 Jul 2016 21:39:03 GMT

This is an automatically generated e-mail. To reply, visit:

(Updated July 27, 2016, 2:39 p.m.)

Review request for mesos, Artem Harutyunyan, Jie Yu, and Timothy Chen.

Bugs: MESOS-5388

Repository: mesos


Currently all pre_exec_commands are executed as shell commands
in Mesos Launch. It is not safe because arbitrary shell command
may be included in some user facing api (e.g., container_path).
We should execute those command as a subprocess to prevent
arbitrary shell command injection.

Diffs (updated)

  src/slave/containerizer/mesos/launch.cpp 51f0c110ff0c414837fd69db81047979a0093388 



make check

sudo ./bin/


Gilbert Song

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message