mesos-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Benjamin Hindman (JIRA)" <j...@apache.org>
Subject [jira] [Assigned] (MESOS-918) Allow safe input of commands with array-of-strings interface
Date Fri, 17 Jan 2014 17:00:21 GMT

     [ https://issues.apache.org/jira/browse/MESOS-918?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Benjamin Hindman reassigned MESOS-918:
--------------------------------------

    Assignee: Benjamin Hindman  (was: Benjamin Mahler)

Assigning to me to move to "Reviewable", then assigning to [~bmahler] for the actual review.

> Allow safe input of commands with array-of-strings interface
> ------------------------------------------------------------
>
>                 Key: MESOS-918
>                 URL: https://issues.apache.org/jira/browse/MESOS-918
>             Project: Mesos
>          Issue Type: Improvement
>          Components: slave
>            Reporter: Jason Dusek
>            Assignee: Benjamin Hindman
>            Priority: Minor
>              Labels: patch
>   Original Estimate: 2h
>  Remaining Estimate: 2h
>
> The CommandInfo Protobuf allows specification of a command to run on the slave; but at
present that command is always subject to shell interpretation. This makes safe handling of
user input and programmatic generation of the commands all but impossible.
> If an alternate interface were offered, where an `execvp()` like array of arguments were
accepted for specifying the command, then the old behaviour could be easily recovered by passing:
>     [ "sh", "-c", ... ]
> and the new behaviour would allow for greater safety and predictability in all other
cases.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Mime
View raw message