"SourceForge.net" <nore...@sourceforge.net>
writes:
> Bugs item #3113612, was opened at 2010-11-20 20:23
> Summary: lxc-* tools are vulnerable for arguments with spaces
FWIW, I was vaguely aware of this and I try to guard against it by
requiring my container names to be valid hostnames. Near the top of my
custom lxc-create(8) (note: requires bash 4):
if ! [[ $name =~ ^[[:alnum:]]([[:alnum:]-]{0,61}[[:alnum:]])?$ ]]
then cat 2>&1 <<-EOF
Hostname ($name) must be a valid RFC 952 hostname,
i.e. between one and sixty-three alphanumeric or hyphen
characters, neither starting nor ending in a hyphen.
EOF
exit 1
fi
and in the /etc/init.d/lxc,
for name in $ROOT_DIR/*/forceboot
do name=${name%/forceboot}
name=${name#$ROOT_DIR/}
# Skip it if it doesn't have an RFC952 hostname (e.g. no fooserv.~1~'s)
[[ $name =~ ^[[:alnum:]]([[:alnum:]-]{0,61}[[:alnum:]])?$ ]] || continue
[...]
done
------------------------------------------------------------------------------
Lotusphere 2011
Register now for Lotusphere 2011 and learn how
to connect the dots, take your collaborative environment
to the next level, and enter the era of Social Business.
http://p.sf.net/sfu/lotusphere-d2d
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
