Jie Yu commented on MESOS-6075:

commit bcb33ee1c8fe51eb0b29d903e5f486edc38204cb
Author: Kevin Klues klue...@gmail.com
Date:   Thu Sep 22 20:45:55 2016 -0700

Updated launch helper to avoid initializing libprocess.

Previously, we used 'process::subprocess()' to run all of our pre-exec
commands. However, doing so causes us to (unnecesssarily) initialize
all of libprocess (and subsequently creating a whole bunch of unused
threads, etc.) just to run a simple script.

To avoid this, we now use `os::system()` and the new `os::spawn()`
functions to give us our shell/non-shell variant of commands we want
to launch.

In the past, we used 'os::system()' alone to avoid initializing
libprocess, but this caused security issues with allowing arbitrary
shell commands to be appended to root-level pre-exec commands that
take strings as their last argument (e.g. mount --bind <src> <target>,
where target is user supplied and is set to "target_dir; rm -rf /").
We now handle this case by using `os::spawn()` instead.

Review: https://reviews.apache.org/r/52011/

> Avoid libprocess functions in `mesos-containerizer launch`.
> -----------------------------------------------------------
>                 Key: MESOS-6075
>                 URL: https://issues.apache.org/jira/browse/MESOS-6075
>             Project: Mesos
>          Issue Type: Improvement
>          Components: containerization
>    Affects Versions: 1.0.1
>            Reporter: Jie Yu
>            Assignee: Kevin Klues
>              Labels: mesosphere
>             Fix For: 1.1.0, 1.0.2
> Calling libprocses functions in `mesos-containerizer launch` will cause 
> libprocess being initialized. That will have some performance impact as it'll 
> create N threads (N == #cores).
> Given that `mesos-containerizer launch` can be blocking, we should avoid 
> using libprocess methods for performance.

This message was sent by Atlassian JIRA

Reply via email to