diff options
| author |   Michel Normand <michel.mno@free.fr> | 2011-03-15 20:19:07 +0100 |
|---|---|---|
| committer |   Daniel Lezcano <dlezcano@fr.ibm.com> | 2011-03-22 15:17:21 +0100 |
| commit | 1a91da6ca6b3679944757cad2aef93d85ea33ed0 (patch) | |
| tree | 1bd3891c608633e03bd3e92d88173349d558d5cb /src | |
| parent | lxc_cgroup_path_get, cache the right value (diff) | |
| download | lxc-1a91da6ca6b3679944757cad2aef93d85ea33ed0.tar.gz lxc-1a91da6ca6b3679944757cad2aef93d85ea33ed0.tar.bz2 lxc-1a91da6ca6b3679944757cad2aef93d85ea33ed0.zip | |
lxc-* tools are vulnerable for arguments with spaces
this is related to the bug
http://sourceforge.net/tracker/?func=detail&aid=3113612&group_id=163076&atid=826303
that suggested to modify bash lxc script to properly use "$@" in place of "$*"
Signed-off-by: Michel Normand <michel.mno@free.fr>
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Diffstat (limited to 'src')
| -rw-r--r-- | src/lxc/lxc-ls.in | 4 | ||||
| -rw-r--r-- | src/lxc/lxc-netstat.in | 6 | ||||
| -rw-r--r-- | src/lxc/lxc-setcap.in | 4 | ||||
| -rw-r--r-- | src/lxc/lxc-setuid.in | 6 |
4 files changed, 10 insertions, 10 deletions
diff --git a/src/lxc/lxc-ls.in b/src/lxc/lxc-ls.in index 7d2dad0..3cd7c24 100644 --- a/src/lxc/lxc-ls.in +++ b/src/lxc/lxc-ls.in @@ -18,7 +18,7 @@ function get_cgroup() fi } -ls $* $lxcpath +ls "$@" $lxcpath active=$(netstat -xa | grep $lxcpath | \ sed -e 's#.*'"$lxcpath/"'\(.*\)/command#\1#'); @@ -26,6 +26,6 @@ active=$(netstat -xa | grep $lxcpath | \ if test -n "$active"; then get_cgroup if test -n "$mount_point"; then - cd $mount_point; ls $* -d $active + cd $mount_point; ls "$@" -d $active fi fi diff --git a/src/lxc/lxc-netstat.in b/src/lxc/lxc-netstat.in index 9d9f767..9f3e9f3 100644 --- a/src/lxc/lxc-netstat.in +++ b/src/lxc/lxc-netstat.in @@ -25,7 +25,7 @@ if [ $# -eq 0 ]; then exit 1 fi -for i in $*; do +for i in "$@"; do case $i in -h|--help) help; exit 1;; @@ -37,7 +37,7 @@ for i in $*; do done if [ -z "$exec" ]; then - exec @BINDIR@/lxc-unshare -s MOUNT -- $0 -n $name --exec $* + exec @BINDIR@/lxc-unshare -s MOUNT -- $0 -n $name --exec "$@" fi if [ -z "$name" ]; then @@ -72,4 +72,4 @@ if [ -z "$pid" ]; then fi mount --bind /proc/$pid/net /proc/$$/net && \ - exec netstat $* + exec netstat "$@" diff --git a/src/lxc/lxc-setcap.in b/src/lxc/lxc-setcap.in index cc719b5..3226769 100644 --- a/src/lxc/lxc-setcap.in +++ b/src/lxc/lxc-setcap.in @@ -83,9 +83,9 @@ if [ $? != 0 ]; then exit 1 fi -set -- $(getopt dh $*) +set -- $(getopt dh "$@") -for i in $*; do +for i in "$@"; do case "$1" in -d) LXC_DROP_CAPS="yes" diff --git a/src/lxc/lxc-setuid.in b/src/lxc/lxc-setuid.in index 86d7d4a..b1bbfff 100644 --- a/src/lxc/lxc-setuid.in +++ b/src/lxc/lxc-setuid.in @@ -81,9 +81,9 @@ if [ $? != 0 ]; then exit 1 fi -set -- $(getopt dh $*) +set -- $(getopt dh "$@") -for i in $*; do +for i in "$@"; do case "$1" in -d) LXC_DROP_CAPS="yes" @@ -108,4 +108,4 @@ if [ -z "$LXC_DROP_CAPS" ]; then lxc_setuid else lxc_dropuid -fi
\ No newline at end of file +fi |