You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@mesos.apache.org by Jiang Yan Xu <ya...@jxu.me> on 2017/01/12 09:48:25 UTC
Review Request 55447: Added sanity checks on IDs and roles before
creating directories.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/55447/
-----------------------------------------------------------
Review request for mesos, Benjamin Mahler and James Peach.
Bugs: MESOS-6866
https://issues.apache.org/jira/browse/MESOS-6866
Repository: mesos
Description
-------
The context for adding these is MESOS-6866. Addmittedly these checks only protect against a (small) subset of potential attacks by clients spoofing as the master and we need MESOS-6903 to truely fix the issue. However instead of ad-hoc bandaids, these could be considered good programming practices: CHECK preconditions before performing (potentially dangerous) actions so I think this is still reasonable.
Diffs
-----
src/slave/paths.cpp 8792cee43d94e7b0bbd7b80aebbe501236244621
Diff: https://reviews.apache.org/r/55447/diff/
Testing
-------
make check.
Thanks,
Jiang Yan Xu
Re: Review Request 55447: Added sanity checks on IDs and roles before
creating directories.
Posted by James Peach <jp...@apache.org>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/55447/#review161582
-----------------------------------------------------------
Ship it!
Ship It!
- James Peach
On Jan. 12, 2017, 9:48 a.m., Jiang Yan Xu wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/55447/
> -----------------------------------------------------------
>
> (Updated Jan. 12, 2017, 9:48 a.m.)
>
>
> Review request for mesos, Benjamin Mahler and James Peach.
>
>
> Bugs: MESOS-6866
> https://issues.apache.org/jira/browse/MESOS-6866
>
>
> Repository: mesos
>
>
> Description
> -------
>
> The context for adding these is MESOS-6866. Addmittedly these checks only protect against a (small) subset of potential attacks by clients spoofing as the master and we need MESOS-6903 to truely fix the issue. However instead of ad-hoc bandaids, these could be considered good programming practices: CHECK preconditions before performing (potentially dangerous) actions so I think this is still reasonable.
>
>
> Diffs
> -----
>
> src/slave/paths.cpp 8792cee43d94e7b0bbd7b80aebbe501236244621
>
> Diff: https://reviews.apache.org/r/55447/diff/
>
>
> Testing
> -------
>
> make check.
>
>
> Thanks,
>
> Jiang Yan Xu
>
>
Re: Review Request 55447: Added sanity checks on IDs and roles before
creating directories.
Posted by Mesos ReviewBot <re...@mesos.apache.org>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/55447/#review161368
-----------------------------------------------------------
Bad patch!
Reviews applied: [55447, 55448, 55449, 55446]
Failed command: python support/apply-reviews.py -n -r 55446
Error:
Traceback (most recent call last):
File "support/apply-reviews.py", line 349, in <module>
reviewboard()
File "support/apply-reviews.py", line 328, in reviewboard
apply_review()
File "support/apply-reviews.py", line 121, in apply_review
fetch_patch()
File "support/apply-reviews.py", line 150, in fetch_patch
r = urllib2.urlopen(patch_url(), context=ssl_create_default_context())
File "support/apply-reviews.py", line 131, in ssl_create_default_context
context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
AttributeError: 'module' object has no attribute 'SSLContext'
Error in atexit._run_exitfuncs:
Traceback (most recent call last):
File "/usr/lib/python2.7/atexit.py", line 24, in _run_exitfuncs
func(*targs, **kargs)
File "support/apply-reviews.py", line 119, in <lambda>
atexit.register(lambda: os.remove('%s.patch' % patch_id()))
OSError: [Errno 2] No such file or directory: '55446.patch'
Error in sys.exitfunc:
Traceback (most recent call last):
File "/usr/lib/python2.7/atexit.py", line 24, in _run_exitfuncs
func(*targs, **kargs)
File "support/apply-reviews.py", line 119, in <lambda>
atexit.register(lambda: os.remove('%s.patch' % patch_id()))
OSError: [Errno 2] No such file or directory: '55446.patch'
Full log: https://builds.apache.org/job/Mesos-Reviewbot/16692/console
- Mesos ReviewBot
On Jan. 12, 2017, 9:48 a.m., Jiang Yan Xu wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/55447/
> -----------------------------------------------------------
>
> (Updated Jan. 12, 2017, 9:48 a.m.)
>
>
> Review request for mesos, Benjamin Mahler and James Peach.
>
>
> Bugs: MESOS-6866
> https://issues.apache.org/jira/browse/MESOS-6866
>
>
> Repository: mesos
>
>
> Description
> -------
>
> The context for adding these is MESOS-6866. Addmittedly these checks only protect against a (small) subset of potential attacks by clients spoofing as the master and we need MESOS-6903 to truely fix the issue. However instead of ad-hoc bandaids, these could be considered good programming practices: CHECK preconditions before performing (potentially dangerous) actions so I think this is still reasonable.
>
>
> Diffs
> -----
>
> src/slave/paths.cpp 8792cee43d94e7b0bbd7b80aebbe501236244621
>
> Diff: https://reviews.apache.org/r/55447/diff/
>
>
> Testing
> -------
>
> make check.
>
>
> Thanks,
>
> Jiang Yan Xu
>
>