This is an automatically generated e-mail. To reply, visit:

Review request for mesos, Gilbert Song and Jie Yu.

Bugs: MESOS-6075

Repository: mesos


Previously, we used 'process::subprocess()' to run all of our pre-exec
commands. However, doing so causes us to (unnecesssarily) initialize
all of libprocess (and subsequently creating a whole bunch of unused
threads, etc.) just to run a simple script.

To avoid this, we now use fork/exec exec directly avoid calling
'process:subprocess()'. In the past, we used 'os::system()' here
to avoid initializing libprocess, but this caused security issues with
allowing arbitrary shell commands to be appended to root-level
pre-exec commands that take strings as their last argument (e.g. mount
--bind <src> <target>, where target is user supplied and is set to
"target_dir; rm -rf /"). We now handle this case by invoking `execvp`
directly (which ensures that exactly one command is invoked and that
all of the strings passed to it are treated as direct arguments to
that one command).

In the fututre, we should consider refactoring
'libprocess::subprocess()' to pull the base functionality into stout
to avoid initializing libprocess for simple use cases like this one.



Diff: https://reviews.apache.org/r/52011/diff/


$ GTEST_FILTER="" make -j check
$ src/mesos-tests
$ sudo src/mesos-tests


Kevin Klues

Reply via email to