> On Feb 27, 2017, at 9:59 AM, David Schmitt <[email protected]> wrote: > > Commands > > To use CLI commands in a safe and comfortable manner, the implementation can > use the commands method to access shell commands. You can either use a full > path, or a bare command name. In the latter case puppet will use the system > PATH setting to search for the command. If the commands are not available, an > error will be raised and the resources will fail in this run. The commands > are aware of whether noop is in effect or not, and will skip the actual > execution if necessary. > > Puppet::ResourceImplementation.register('apt_key') do > commands apt_key: '/usr/bin/apt-key' > commands gpg: 'gpg' > This will create methods called apt_get, and gpg, which will take CLI > arguments without any escaping, and run them in a safe environment (clean > working directory, clean environment). For example to call apt-key to delete > a specific key by id: > If the goal here is safe execution shouldn’t it escape at least shell special characters? My concern is based on some of the providers I work on which take free form strings as arguments and any type that doesn’t fully validate or munge inputs.
There is a risk that any provider* today can suffer from shell command injection. It seems that using shelljoin on the argument array would be useful or shellesacpe on each element. However, for a simplified API it seems that it could be done more centrally here instead of pushing it to each implementation to make sure it is done if needed. * That can’t exclude shell characters and doesn’t munge input to escape them. Thanks Shawn > apt_key 'del', key_id > By default the stdout of the command is logged to debug, while the stderr is > logged to warning. To access the stdout in the implementation, use the > command name with _lines appended, and process it through the returned > Enumerable <http://ruby-doc.org/core/Enumerable.html> line-by-line. For > example, to process the list of all apt keys: > > -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-dev/D0519A28-5F3E-4049-9351-B5C260823B2E%40oracle.com. For more options, visit https://groups.google.com/d/optout.
