On Thu, Apr 21, 2011 at 03:19:10PM +0200, Florian Haas wrote:
> On 2011-04-20 19:00, Lars Ellenberg wrote:
> > On Wed, Apr 20, 2011 at 06:49:48PM +0200, Lars Ellenberg wrote:
> > [a lot]
> >
> > I know I'm paranoid.
> > Am I too paranoid?
>
> Patches welcome.

That phrase does work as reply to everything you don't want to hear about ;-)

Just because we probably have resource agents in tree that don't do proper input sanitation, and some of them may even do things like eval, or forget to quote parameters that need to be quoted ...

Just because we have such stuff in tree already, does not mean we must take more of the same. Or that we must ignore that it could be a problem. Or that

    x="some link name"

and then doing

    ln $x y

instead of

    ln "$x" y

is simply wrong code.

If we can fix things when taking them in, we should do that. That's naturally the point in time when they get most attention. So that's also when all potential issues should be brought up.

And no, just because someone spots a potential problem does not make it his job to fix it.

Of course we should also crowd source a review for the resource agents we already have.

Improper use of input parameters becomes more important with the cib supporting ACLs, as then it becomes a potential privilege escalation problem. Whereas as long as you assume anyone with access to the cib is basically equivalent to root on the cluster nodes anyways, it is only an annoyance, and should be fixed anyways.

Those resource agents I have actually read (as opposed to quickly browsed over or not even looked at) at least have nothing obvious of the sort.

As for the symlink RA, I still think it is a good idea to use an indirection scheme, instead of using the symlinks directly.

    /etc/cron.d -> /etc/cluster-symlinks/cron.d -> /mnt/somewhere/cron.d

does not only prevent the RA from removing unrelated files unintentionally, but also has the nice property to clearly show /etc/cron.d is managed by this system, and makes it very fast to get an overview which links currently are supposed to be managed by that system.
Lars
_______________________________________________________
Linux-HA-Dev: Linux-HA-Dev@lists.linux-ha.org
http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev
Home Page: http://linux-ha.org/
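
The two-hop layout and the quoting point from the message above, as an added shell example that is not part of the original mail and is not the symlink RA's code. The function names and the `MANAGED_DIR` variable are assumptions made for illustration; only the `/etc/cluster-symlinks` path and the link chain come from the mail.

```shell
#!/bin/sh
# Added illustration. Layout from the mail: LINK -> $MANAGED_DIR/NAME -> TARGET
# MANAGED_DIR and all function names are hypothetical.
MANAGED_DIR="${MANAGED_DIR:-/etc/cluster-symlinks}"

# managed_start NAME TARGET LINK
managed_start() {
    name=$1 target=$2 link=$3
    case $name in   # NAME must be a single path component
        ''|.|..|*/*) echo "invalid name: $name" >&2; return 2 ;;
    esac
    hop="$MANAGED_DIR/$name"
    # Refuse to replace anything that is not already our own link.
    if [ -e "$link" ] || [ -L "$link" ]; then
        [ -L "$link" ] && [ "$(readlink -- "$link")" = "$hop" ] || {
            echo "refusing to touch unmanaged path: $link" >&2; return 1; }
    fi
    mkdir -p -- "$MANAGED_DIR" || return 1
    # Every expansion is quoted, so names with spaces stay one argument.
    ln -sfn -- "$target" "$hop" || return 1
    ln -sfn -- "$hop" "$link"
}

# managed_stop NAME LINK
managed_stop() {
    name=$1 link=$2
    hop="$MANAGED_DIR/$name"
    # Remove LINK only if it is a symlink pointing at our intermediate hop.
    if [ -L "$link" ] && [ "$(readlink -- "$link")" = "$hop" ]; then
        rm -f -- "$link" || return 1
    elif [ -e "$link" ] || [ -L "$link" ]; then
        echo "refusing to remove unmanaged path: $link" >&2; return 1
    fi
    if [ -L "$hop" ]; then rm -f -- "$hop"; fi
}

# managed_list: print "NAME -> TARGET" for every link currently managed
managed_list() {
    for hop in "$MANAGED_DIR"/*; do
        [ -L "$hop" ] && printf '%s -> %s\n' "${hop##*/}" "$(readlink -- "$hop")"
    done
    return 0
}
```
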