Security hardening: fix possible shell injection vulnerability

The glance/cmd/control.py file contains a possible shell injection
vulnerability:

https://github.com/openstack/glance/blob/master/glance/cmd/control.py#L134

Setting 'shell=True' here opens the possibility of shell injection
by setting server to something like '; rm -rf /'. This will cause
the command 'rm -rf /' to be run with the privileges of the user
that ran Glance.

The fix is to parameterize the input so that the command run here
can only be 'logger'.

Change-Id: If48106ceea1dd582bcec9d03e056d88591bcba8d
Closes-bug: 1335208
tmcpeak 2014-07-18 11:23:16 -07:00
parent 44e607df7c
commit 63c606f696
1 changed files with 3 additions and 3 deletions
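The pattern the commit message describes, shown as an added example rather than Glance's own code: the same `'cmd -t "%s[%d]"'` template is run once with `shell=True` and once as an argv list, with `echo` standing in for `logger` so the demonstration is harmless and simply prints what the child process received. The hostile server name is constructed here; because the template wraps the name in double quotes, the payload closes that quote before running its own command and reopens one so the trailing `[pid]"` still parses. It assumes a POSIX `/bin/sh` and an `echo` binary on `PATH` (Linux, macOS).

```python
"""Shell injection via shell=True versus an argv list (added example).

Not Glance code: ``echo`` stands in for ``logger`` so the run is harmless
and prints exactly what the child process received as arguments.
Assumes a POSIX /bin/sh and /bin/echo (Linux, macOS).
"""
import os
import subprocess

PID = os.getpid()

# Constructed attacker-controlled server name. In the vulnerable template the
# %s sits inside double quotes, so the payload closes that quote, runs its own
# command, then reopens a quote so the trailing [pid]" still parses cleanly.
HOSTILE_SERVER = 'api"; echo INJECTED; echo "'


def log_cmd_vulnerable(server, cmd="echo"):
    """Pre-fix pattern: one string handed to /bin/sh for re-parsing."""
    cmd_line = '%s -t "%s[%d]"' % (cmd, server, PID)
    out = subprocess.run(cmd_line, shell=True, capture_output=True, text=True)
    return out.stdout


def build_argv(server, cmd="echo"):
    """Hardened form: the option and its value are separate argv elements and
    no shell ever sees them, so `server` can only ever be part of the tag."""
    return [cmd, "-t", "%s[%d]" % (server, PID)]


def log_cmd_hardened(server, cmd="echo"):
    out = subprocess.run(build_argv(server, cmd), capture_output=True, text=True)
    return out.stdout


def injected(output):
    """True when the payload ran as its own command, i.e. a bare INJECTED line
    appears instead of the text merely being echoed inside the tag argument."""
    return "INJECTED" in output.splitlines()


if __name__ == "__main__":
    vuln = log_cmd_vulnerable(HOSTILE_SERVER)
    safe = log_cmd_hardened(HOSTILE_SERVER)
    print("shell=True :", repr(vuln), "injected =", injected(vuln))
    print("argv list  :", repr(safe), "injected =", injected(safe))
```

With `shell=True` the output has three lines (`-t api`, `INJECTED`, `[pid]`) because the shell ran three commands; with the argv list it is a single line containing the whole payload verbatim, since `echo` received it as one argument and nothing interpreted the `;`.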


@ -129,9 +129,9 @@ def do_start(verb, pid_file, server, args):
pass
def redirect_to_syslog(fds, server):
log_cmd = 'logger -t "%s[%d]"' % (server, os.getpid())
process = subprocess.Popen(log_cmd,
shell=True,
log_cmd = 'logger'
log_cmd_params = '-t "%s[%d]"' % (server, os.getpid())
process = subprocess.Popen([log_cmd, log_cmd_params],
stdin=subprocess.PIPE)
for desc in fds: # pipe to logger command
try:
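Review bot: the new `subprocess.Popen([log_cmd, log_cmd_params],` call passes `-t "<server>[<pid>]"` as a single argv element, so logger receives one getopt token whose attached value is ` "<server>[<pid>]"`, leading space and literal double quotes included; the quotes only made sense while /bin/sh was parsing the string. Split the option from its value and drop the quotes: `log_cmd_params = '%s[%d]' % (server, os.getpid())` and `subprocess.Popen([log_cmd, '-t', log_cmd_params], stdin=subprocess.PIPE)`. The injection fix itself holds either way: with no shell in the path, `server` can only ever be part of the tag argument, never a second command.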