[
https://issues.apache.org/jira/browse/MESOS-6751?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15869124#comment-15869124
]
Till Toenshoff commented on MESOS-6751:
---------------------------------------
We really have to find a good tool for this kind of bug to become virtually
impossible. Whenever we fork child-processes things need extra attention.
As soon as the child possibly gets SUIDed, alerts should be on highest guards.
We really need to be sure how much of an environment of a likely root-owned
process really shall be passed on. This does not only often enough become a
trap for certain SSL-related setups but IMHO also poses a security risk unless
very explicitly documented.
> Mesos should allow for selective environment inheritance.
> ---------------------------------------------------------
>
> Key: MESOS-6751
> URL: https://issues.apache.org/jira/browse/MESOS-6751
> Project: Mesos
> Issue Type: Improvement
> Reporter: Till Toenshoff
>
> We have often run into issues with environment variables inherited by
> subprocesses which in certain setups cause problems.
> VERY recent examples are:
> - MESOS-6747
> - MESOS-6748
> The pattern for solving an inheritance that covers bases like PATH,
> LD_LIBRARY_PATH and DYLD_LIBRARY_PATH but at the same time carves out traps
> like LIBPROCESS_-related variables and maybe also MESOS_-related variables is
> relatively simple.
> {noformat}
> map<string, string> environment;
> foreachpair (const string& key, const string& value, os::environment()) {
> if (!strings::startsWith(key, "LIBPROCESS_") &&
> !strings::startsWith(key, "MESOS_")) {
> environment.emplace(key, value);
> }
> }
> {noformat}
> But maybe we can somehow force the use of such pattern to make this kind of
> bug less frequent on new code that forks.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
