-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/50215/#review143666
-----------------------------------------------------------

src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp (line 494)
<https://reviews.apache.org/r/50215/#comment209535>

    What stops a user from injecting a '; in the source and then following it up with an arbitrary command?


- James DeFelice


On July 26, 2016, 9:08 p.m., Gilbert Song wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/50215/
> -----------------------------------------------------------
> 
> (Updated July 26, 2016, 9:08 p.m.)
> 
> 
> Review request for mesos, Artem Harutyunyan, Jie Yu, and Timothy Chen.
> 
> 
> Bugs: MESOS-5388
>     https://issues.apache.org/jira/browse/MESOS-5388
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> By adding apostrophes to mount 'source' and 'target', arbitrary
> commands defined by users postfixed to 'container_path' will
> take no effect. 'mount' command will return an error for invalid
> mount 'target'.
> 
> 
> Diffs
> -----
> 
>   src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp 96806a75e6f7abc3a229c01b375fdba30d267ab4
> 
> Diff: https://reviews.apache.org/r/50215/diff/
> 
> 
> Testing
> -------
> 
> make check
> 
> sudo ./bin/mesos-tests.sh
> 
> 
> Thanks,
> 
> Gilbert Song
> 
>
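
The question raised in the review comment, worked through as an added example (it is not part of the thread and not Mesos code): wrapping a value in apostrophes only holds if embedded apostrophes are escaped too. All function names, the `mount --bind` command shape and the sample source value are constructed for illustration.

```cpp
#include <iostream>
#include <string>

// Constructed sample: a volume source containing the '; sequence from the review.
const std::string kConstructedSource = "/data'; echo INJECTED; '";

// Wraps a value in single quotes without touching embedded quotes
// (the approach the description outlines; hypothetical name).
std::string naiveQuote(const std::string& s) { return "'" + s + "'"; }

// POSIX sh quoting: inside '...' only ' is special, so each embedded '
// becomes '\'' (close quote, escaped quote, reopen quote).
std::string shellQuote(const std::string& s) {
  std::string out = "'";
  for (char c : s) {
    if (c == '\'') out += "'\\''";
    else out += c;
  }
  return out + "'";
}

// Conservative check that models only sh single quotes and backslash escapes:
// true if a separator or substitution character appears outside single
// quotes, or if a quote is left unterminated.
bool escapesQuoting(const std::string& cmd) {
  bool inQuote = false;
  for (size_t i = 0; i < cmd.size(); ++i) {
    char c = cmd[i];
    if (inQuote) { if (c == '\'') inQuote = false; continue; }
    if (c == '\'') { inQuote = true; continue; }
    if (c == '\\') { ++i; continue; }  // backslash escapes the next character
    if (std::string(";&|`$()<>\n").find(c) != std::string::npos) return true;
  }
  return inQuote;
}

// Builds the command string a shell-invoking caller would run (assumed shape).
std::string mountCommand(const std::string& source, const std::string& target,
                         std::string (*quote)(const std::string&)) {
  return "mount --bind " + quote(source) + " " + quote(target);
}

int main() {
  std::cout << mountCommand(kConstructedSource, "/mnt", naiveQuote) << "\n"
            << mountCommand(kConstructedSource, "/mnt", shellQuote) << "\n";
  return 0;
}
```

Passing the source and target as separate argv entries to an exec-style call, with no shell in between, removes the need for quoting altogether.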