Posted to commits@mesos.apache.org by ji...@apache.org on 2016/08/02 23:55:41 UTC
[3/8] mesos git commit: Updated docker volume isolator to return
non-shell 'pre_exec_commands'.
Updated docker volume isolator to return non-shell 'pre_exec_commands'.
Review: https://reviews.apache.org/r/50535/
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/1ea9665f
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/1ea9665f
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/1ea9665f
Branch: refs/heads/1.0.x
Commit: 1ea9665f596f1f4d0532d1ce67cca9f73e5e2c1d
Parents: f3b6370
Author: Gilbert Song <so...@gmail.com>
Authored: Mon Aug 1 13:05:53 2016 -0700
Committer: Jie Yu <yu...@gmail.com>
Committed: Tue Aug 2 16:35:12 2016 -0700
----------------------------------------------------------------------
.../mesos/isolators/docker/volume/isolator.cpp | 15 ++++++++++++---
1 file changed, 12 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mesos/blob/1ea9665f/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp
----------------------------------------------------------------------
diff --git a/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp b/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp
index 70ea5ca..d10c424 100644
--- a/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp
+++ b/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp
@@ -491,9 +491,18 @@ Future<Option<ContainerLaunchInfo>> DockerVolumeIsolatorProcess::_prepare(
LOG(INFO) << "Mounting docker volume mount point '" << source
<< "' to '" << target << "' for container " << containerId;
- const string command = "mount -n --rbind '" + source + "' '" + target + "'";
-
- launchInfo.add_pre_exec_commands()->set_value(command);
+ // Launch mount command as a non-shell subprocess to avoid
+ // injecting arbitrary shell commands (e.g., user defined
+ // 'container_path' in volume can be postfixed with any
+ // unsafe arbitrary commands).
+ CommandInfo* command = launchInfo.add_pre_exec_commands();
+ command->set_shell(false);
+ command->set_value("mount");
+ command->add_arguments("mount");
+ command->add_arguments("-n");
+ command->add_arguments("--rbind");
+ command->add_arguments(source);
+ command->add_arguments(target);
}
return launchInfo;
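Review bot: The argument vector built at the end of this hunk hands `source` and `target` to mount as bare positional arguments, so `set_shell(false)` removes shell interpretation but not mount's own option parsing. If either path could ever begin with `-` (how `target` is derived from the user-supplied `container_path` is outside this hunk, and it may already be made absolute there), adding `command->add_arguments("--");` just before `command->add_arguments(source);` would end option parsing explicitly. The new comment could also state the invariant directly, for example `// 'source' and 'target' are separate argv entries and are never interpreted by a shell.` `_prepare` starts and ends outside the hunk, so any earlier validation of these paths is not visible here.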