Security hardening: fix possible shell injection vulnerability
The glance/cmd/control.py file contains a possible shell injection vulnerability: https://github.com/openstack/glance/blob/master/glance/cmd/control.py#L134. Setting 'shell=True' here opens the possibility of shell injection by setting server to something like '; rm -rf /'. This will cause the command 'rm -rf /' to be run with the privileges of the user that ran Glance. The fix is to parameterize the input so that the command run here can only be 'logger'.

Change-Id: If48106ceea1dd582bcec9d03e056d88591bcba8d
Closes-bug: 1335208
This commit is contained in:
parent
44e607df7c
commit
63c606f696
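To make concrete what a child process receives once the shell is taken out of the picture, here is an added example (not code from the Glance tree). It uses the running Python interpreter as a stand-in for the `logger` binary, echoing its argv back, and contrasts separate `-t` and tag elements with the fused `'-t "..."'` element the commit builds; the server name is a constructed sample.

```python
import json
import subprocess
import sys

# Constructed sample: a server name carrying shell metacharacters, the kind
# of value the commit message warns about. It is only ever passed as data.
HOSTILE_SERVER = "glance-api; extra-command"


def build_logger_argv(server, pid):
    """argv for `logger -t "<server>[<pid>]"` with no shell involved.

    `-t` and the tag are separate elements, so logger gets the tag verbatim
    and nothing in `server` is ever interpreted as shell syntax.
    """
    return ["logger", "-t", "%s[%d]" % (server, pid)]


def committed_fix_argv(server, pid):
    """The shape the commit uses: flag and quoted tag fused into one element."""
    return ["logger", '-t "%s[%d]"' % (server, pid)]


def argv_as_received(argv):
    """Return the argument strings a child process actually receives.

    Assumption: this interpreter stands in for /usr/bin/logger; it just
    prints its argv as JSON so the list form can be inspected offline.
    """
    stub = [sys.executable, "-c",
            "import json, sys; print(json.dumps(sys.argv[1:]))"]
    proc = subprocess.run(stub + argv[1:], capture_output=True,
                          text=True, check=True)
    return json.loads(proc.stdout)


if __name__ == "__main__":
    print(argv_as_received(build_logger_argv(HOSTILE_SERVER, 42)))
    # prints ['-t', 'glance-api; extra-command[42]']  (tag is one literal arg)
    print(argv_as_received(committed_fix_argv(HOSTILE_SERVER, 42)))
    # prints ['-t "glance-api; extra-command[42]"']   (quotes reach logger)
```

Neither form ever hands the server string to a shell, which is the injection fix; the first form additionally keeps the tag format the original command produced.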
@ -129,9 +129,9 @@ def do_start(verb, pid_file, server, args):
pass
def redirect_to_syslog(fds, server):
log_cmd = 'logger -t "%s[%d]"' % (server, os.getpid())
process = subprocess.Popen(log_cmd,
shell=True,
log_cmd = 'logger'
log_cmd_params = '-t "%s[%d]"' % (server, os.getpid())
process = subprocess.Popen([log_cmd, log_cmd_params],
stdin=subprocess.PIPE)
for desc in fds: # pipe to logger command
try:
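Review bot: the new argument list still fuses the flag and its value. `log_cmd_params = '-t "%s[%d]"' % (server, os.getpid())` is a single argv element, so with no shell left to strip them, logger receives the literal double quotes and the space after `-t` as part of the tag instead of `-t` followed by `<server>[<pid>]`. Pass three separate elements instead: `subprocess.Popen(['logger', '-t', '%s[%d]' % (server, os.getpid())], stdin=subprocess.PIPE)`. That keeps the injection fix (no shell ever parses `server`) and restores the tag format the old command produced.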