[lxc-devel] [ lxc-Bugs-3113612 ] lxc-* tools are vulnerable for arguments with spaces
Trent W. Buck
twb at cybersource.com.au
Wed Dec 15 00:21:18 UTC 2010
"SourceForge.net" <noreply at sourceforge.net>
writes:
> Bugs item #3113612, was opened at 2010-11-20 20:23
> Summary: lxc-* tools are vulnerable for arguments with spaces
FWIW, I was vaguely aware of this and I try to guard against it by
requiring my container names to be valid hostnames. Near the top of my
custom lxc-create(8) (note: requires bash 4):
if ! [[ $name =~ ^[[:alnum:]]([[:alnum:]-]{0,61}[[:alnum:]])?$ ]]
then cat 2>&1 <<-EOF
Hostname ($name) must be a valid RFC 952 hostname,
i.e. between one and sixty-three alphanumeric or hyphen
characters, neither starting nor ending in a hyphen.
EOF
exit 1
fi
and in the /etc/init.d/lxc,
for name in $ROOT_DIR/*/forceboot
do name=${name%/forceboot}
name=${name#$ROOT_DIR/}
# Skip it if it doesn't have an RFC952 hostname (e.g. no fooserv.~1~'s)
[[ $name =~ ^[[:alnum:]]([[:alnum:]-]{0,61}[[:alnum:]])?$ ]] || continue
[...]
done
More information about the lxc-devel
mailing list