Security hardening: fix possible shell injection vulnerability

The glance/cmd/control.py file contains a possible shell injection vulnerability: https://github.com/openstack/glance/blob/master/glance/cmd/control.py#L134 . Setting 'shell=True' here opens the possibility of shell injection by setting server to something like '; rm -rf /'. This will cause the command 'rm -rf /' to be run with the privileges of the user that ran Glance. The fix is to parameterize the input so that the command run here can only be 'logger'. Change-Id: If48106ceea1dd582bcec9d03e056d88591bcba8d Closes-bug: 1335208
openstack · Jul 21, 2014 · 63c606f · 63c606f
1 parent 44e607d
commit 63c606f
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/glance/cmd/control.py b/glance/cmd/control.py
@@ -129,9 +129,9 @@ def redirect_to_null(fds):
                     pass
 
     def redirect_to_syslog(fds, server):
-        log_cmd = 'logger -t "%s[%d]"' % (server, os.getpid())
-        process = subprocess.Popen(log_cmd,
-                                   shell=True,
+        log_cmd = 'logger'
+        log_cmd_params = '-t "%s[%d]"' % (server, os.getpid())
+        process = subprocess.Popen([log_cmd, log_cmd_params],
                                    stdin=subprocess.PIPE)
         for desc in fds:  # pipe to logger command
             try: