----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/50214/ -----------------------------------------------------------
(Updated July 25, 2016, 8:19 p.m.) Review request for mesos, Artem Harutyunyan, Jie Yu, and Timothy Chen. Bugs: MESOS-5388 https://issues.apache.org/jira/browse/MESOS-5388 Repository: mesos Description ------- Currently all pre_exec_commands are executed as shell commands in Mesos Launch. It is not safe because arbitrary shell command may be included in some user facing api (e.g., container_path). We should execute those command as a subprocess to prevent arbitrary shell command injection. Diffs (updated) ----- src/slave/containerizer/mesos/launch.cpp 51f0c110ff0c414837fd69db81047979a0093388 Diff: https://reviews.apache.org/r/50214/diff/ Testing ------- make check sudo ./bin/mesos-tests.sh Thanks, Gilbert Song