Configuration file parsing should be a safe action, so we can drop the
work-around we have (privilege drops, etc.). Per older issue:
exec is a security risk and a code smell whether run as a regular user
or as root; regular users have lots of important data and secrets too.
The comment even acknowledges this...
Yes, long-term we should migrate out from the format the configuration
files have now (Python code with exec()), but that will be a huge change,
and a lot of stuff will need to be changed in all the infrastructure using
Mock.
Originally posted by @praiskup in #990 (comment)
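
A sketch of what exec-free parsing could look like, added here as an example and not taken from Mock or from this issue. It assumes config files consist only of `config_opts['key'] = <literal>` assignments; the names `load_config_safely` and `UnsafeConfigError` and the sample keys are hypothetical.

```python
import ast

class UnsafeConfigError(ValueError):
    """The config contains something other than a literal assignment."""

def load_config_safely(text, target="config_opts"):
    """Return {key: value} for `target['key'] = <literal>` lines, executing nothing.

    Assumes Python 3.9+, where a subscript index is stored directly in `.slice`.
    """
    opts = {}
    for node in ast.parse(text).body:
        # Reject imports, calls, loops, defs: only single-target assignments pass.
        if not (isinstance(node, ast.Assign) and len(node.targets) == 1):
            raise UnsafeConfigError(f"line {node.lineno}: only assignments allowed")
        tgt = node.targets[0]
        # The left-hand side must be exactly target['<string key>'].
        if not (isinstance(tgt, ast.Subscript)
                and isinstance(tgt.value, ast.Name) and tgt.value.id == target
                and isinstance(tgt.slice, ast.Constant)
                and isinstance(tgt.slice.value, str)):
            raise UnsafeConfigError(f"line {node.lineno}: unexpected target")
        try:
            # literal_eval builds str/number/list/dict/... values and refuses
            # names, calls and attribute access instead of running them.
            opts[tgt.slice.value] = ast.literal_eval(node.value)
        except (ValueError, TypeError) as exc:
            raise UnsafeConfigError(f"line {node.lineno}: non-literal value") from exc
    return opts

# Constructed sample inputs (not real Mock configuration files).
LITERAL_ONLY = """
config_opts['example_root'] = 'demo-chroot'
config_opts['example_flags'] = {'cache': False, 'jobs': 4}
"""
WITH_CODE = "config_opts['example_root'] = __import__('os').getcwd()\n"

if __name__ == "__main__":
    print(load_config_safely(LITERAL_ONLY))
    try:
        load_config_safely(WITH_CODE)
    except UnsafeConfigError as err:
        print("rejected:", err)
```

A loader of this shape needs no privilege drop around it, because nothing in the file is ever run; the cost is that configs relying on Python logic would have to be rewritten.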