Benjamin Hindman commented on MESOS-5070:

[~alexr], [~jieyu], [~haosdent], regarding 
{{mesos::internal::health::cloneWithSetns}} function:

(1) This implementation will never enter a pid namespace properly and there's 
no check that someone isn't passing in a pid namespace ... bug?
(2) This should not live in {{src/health-check/health_checker.cpp}} as it's a 
generic function that others probably want to reuse. In fact, it's very 
reminiscent to the {{ns::enter}} function we recently wrote for the nested 
containerization stuff that was later replaced with {{ns::clone}}, and I'd 
rather us reintroduce a generic {{ns::enter}} that lots of people can use 
rather than implement one-offs throughout the code base.

> Introduce more flexible subprocess interface for child options.
> ---------------------------------------------------------------
>                 Key: MESOS-5070
>                 URL: https://issues.apache.org/jira/browse/MESOS-5070
>             Project: Mesos
>          Issue Type: Improvement
>            Reporter: Joerg Schad
>            Assignee: Joerg Schad
>              Labels: tech-debt
> We introduced a number of parameters to the subprocess interface with 
> MESOS-5049.
> Adding all options explicitly to the subprocess interface makes it 
> inflexible. 
> We should investigate a flexible options, which still prevents arbitrary code 
> to be executed.

This message was sent by Atlassian JIRA

Reply via email to