[lxc-devel] Valid Container Names/Identifiers
Joel Nider
JOELN at il.ibm.com
Mon Jan 5 09:45:28 UTC 2015
I was on holidays so I just saw this - I will be happy to put together a
patch.
Joel Nider
Virtualization Research
IBM Research and Development
Haifa Research Lab
Phone: 972-4-829-6326 | Mobile: 972-54-3155635
E-mail: JOELN at il.ibm.com
From: Serge Hallyn <serge.hallyn at ubuntu.com>
To: LXC development mailing-list <lxc-devel at lists.linuxcontainers.org>
Date: 18/12/2014 05:42 PM
Subject: Re: [lxc-devel] Valid Container Names/Identifiers
Sent by: "lxc-devel" <lxc-devel-bounces at lists.linuxcontainers.org>
Agreed. Would you mind coming up with a proposed patch to be stricter at
lxcapi_create() and sending it out?
Quoting Joel Nider (JOELN at il.ibm.com):
> I would strongly suggest to nail this down now since the question came
up.
> This is the kind of issue that could create security bugs later on
(when
> different parts of the code check for valid names in different ways, or
> don't check at all). Stephane's suggestion of a 64 ASCII character
string
> that forms a valid Linux hostname sounds good to me - is this formally
> defined somewhere?
>
> Regards,
>
> Joel
>
> "lxc-devel" <lxc-devel-bounces at lists.linuxcontainers.org> wrote on
> 16/12/2014 05:22:05 PM:
>
> > From: Stéphane Graber <stgraber at ubuntu.com>
> > To: LXC development mailing-list <lxc-devel at lists.linuxcontainers.org>
> > Date: 16/12/2014 05:22 PM
> > Subject: Re: [lxc-devel] Valid Container Names/Identifiers
> > Sent by: "lxc-devel" <lxc-devel-bounces at lists.linuxcontainers.org>
> >
> > On Tue, Dec 16, 2014 at 10:36:13AM +0100, Till Walter wrote:
> > > Dear LXC Developers,
> > >
> > > the manual page of lxc-create states that "The container identifier
> > > format is an alphanumeric string". Yet besides [A-Za-z0-9] other
> > > characters like underscore are also fine.
> > > I had a brief look at the source but did not find any check, e.g.,
> > > using a regex. Is there any check at all? What are valid container
> > > identifiers/names?
> > > I am asking because I am using the official python bindings to write
a
> > > little utility and want to avoid container naming problems that may
> > > arise.
> > >
> > > Best regards,
> > >
> > > BB
> >
> > So LXC itself doesn't really have a definition for valid names,
however
> > since the name is typically used for the container's hostname, you
> > should stick to what's considered a valid hostname on Linux.
> >
> > There's a POSIX RFC for that but IIRC it's basically 64 chars ASCII.
> >
> > --
> > Stéphane Graber
> > Ubuntu developer
> > http://www.ubuntu.com
> > [attachment "signature.asc" deleted by Joel Nider/Haifa/IBM]
> > _______________________________________________
> > lxc-devel mailing list
> > lxc-devel at lists.linuxcontainers.org
> > http://lists.linuxcontainers.org/listinfo/lxc-devel
>
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel
_______________________________________________
lxc-devel mailing list
lxc-devel at lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
More information about the lxc-devel
mailing list