
Re: [atomic] Thoughts on the atomic cli



On Tue, Apr 28, 2015 at 10:45:25AM -0400, Colin Walters wrote:
> > This isolates all the Docker operations
> >   inside an "atomic.dockerapi" module
> 
> This isn't exactly your fault but the pervasive use of shell=True
> without quoting arguments gives me the willies.

Yeah, me too, but I'm not sure there's a good alternative.  What we
get back from the LABEL directives is a string, and we want to support
(well, I *think* we want to support) standard shell environment
variable substitution, etc.

If we impose limits on these things, we can break out, e.g.,
shlex.split() and dump shell=True.  We could supply the environment as
additional arguments to the formatting function so that instead of
$SOME_ENV_VAR you would write {SOME_ENV_VAR}, etc...there are a
variety of tweaks that can be made in this area.

That said, I'm less concerned about shell=True than I would be in
general, because if you're permitting someone to run arbitrary Docker
command lines you have already handed over the keys to your system.

> So how do we move forward?  Seems like we need to get the
> current /usr/bin/atomic contributors to agree on some of these
> changes and code direction?

Something like that, yup. I posted to this list hoping it would be a
good place to engage with all the interested parties.  I am happy to
take the discussion elsewhere if there is a more appropriate forum.

-- 
Lars Kellogg-Stedman <lars redhat com> | larsks @ {freenode,twitter,github}
Cloud Engineering / OpenStack          | http://blog.oddbit.com/
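
The alternative discussed in the message above (shlex.split() without shell=True, with {SOME_ENV_VAR} placeholders in place of $SOME_ENV_VAR), written out as an added example; it is not code from the atomic project or from this thread. The function names, the sample label and the sample values are assumptions made for illustration.

```python
import shlex
import string
import subprocess

_PARSER = string.Formatter()


def _expand(token, env):
    """Fill {NAME} placeholders inside one token that is already split."""
    parts = []
    for literal, field, spec, conv in _PARSER.parse(token):
        parts.append(literal)
        if field is None:
            continue
        # Plain names only: "{0.__class__}", "{X!r}" or "{X:>9}" are refused.
        if not field.isidentifier() or spec or conv:
            raise ValueError("unsupported placeholder: {%s}" % field)
        if field not in env:
            raise KeyError(field)
        parts.append(str(env[field]))
    return "".join(parts)


def build_argv(label, env):
    """Split first, substitute second, so a value can never add arguments."""
    return [_expand(tok, env) for tok in shlex.split(label)]


def run_label(label, env):
    """Execute the command without a shell (shell=False is the default)."""
    return subprocess.run(build_argv(label, env), capture_output=True,
                          text=True, check=True)


if __name__ == "__main__":
    # Constructed sample label and values, not taken from a real image.
    label = "docker run -d --name {NAME} -v {DATADIR}:/data {IMAGE}"
    env = {"NAME": "web; echo injected",
           "DATADIR": "/srv/my data",
           "IMAGE": "example/httpd"}
    for arg in build_argv(label, env):
        print(repr(arg))
```

Splitting before substitution stops word splitting and shell metacharacters in a value from changing the command, but a value that begins with `-` is still parsed as an option by the program that receives it, so such values need their own validation.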
