You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mesos.apache.org by "Benjamin Hindman (JIRA)" <ji...@apache.org> on 2014/01/17 17:58:20 UTC
[jira] [Updated] (MESOS-918) Allow safe input of commands with
array-of-strings interface
[ https://issues.apache.org/jira/browse/MESOS-918?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Benjamin Hindman updated MESOS-918:
-----------------------------------
Assignee: Benjamin Mahler
> Allow safe input of commands with array-of-strings interface
> ------------------------------------------------------------
>
> Key: MESOS-918
> URL: https://issues.apache.org/jira/browse/MESOS-918
> Project: Mesos
> Issue Type: Improvement
> Components: slave
> Reporter: Jason Dusek
> Assignee: Benjamin Mahler
> Priority: Minor
> Labels: patch
> Original Estimate: 2h
> Remaining Estimate: 2h
>
> The CommandInfo Protobuf allows specification of a command to run on the slave; but at present that command is always subject to shell interpretation. This makes safe handling of user input and programmatic generation of the commands all but impossible.
> If an alternate interface were offered, where an `execvp()` like array of arguments were accepted for specifying the command, then the old behaviour could be easily recovered by passing:
> [ "sh", "-c", ... ]
> and the new behaviour would allow for greater safety and predictability in all other cases.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)