openstack team mailing list archive

Thread
Date

Re: security blueprint related to os binaries

To: Stanislav Pugachev <spugachev@xxxxxxxxxxxxxxxx>
From: Victor Lowther <victor.lowther@xxxxxxxxx>
Date: Tue, 14 May 2013 07:36:59 -0500
Cc: "openstack@xxxxxxxxxxxxxxxxxxx" <openstack@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <CALCLnm_x--d356r5T+0nWDeUdoiwYBEKgH40sO15+jRgwBVEPg@mail.gmail.com>

Err, sounds like a lot of work to make the code more fragile.  If you want
to be paranoid about launching the right command, do it by sanity-checking
$PATH, not by hardcoding the path of all the executables you call.


On Tue, May 14, 2013 at 5:56 AM, Stanislav Pugachev <
spugachev@xxxxxxxxxxxxxxxx> wrote:

> Hi,
> I've added a blueprint
> https://blueprints.launchpad.net/hacking/+spec/absolute-paths-of-os-binaries
> Please, take a look and let's discuss it if it makes sense.
> Thank you
> Stas.
>
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp
>
>

Follow ups

Re: security blueprint related to os binaries
From: Vasiliy Khomenko, 2013-05-14
Re: security blueprint related to os binaries
From: Stanislav Pugachev, 2013-05-14

References

security blueprint related to os binaries
From: Stanislav Pugachev, 2013-05-14