Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Revamp Mock configuration - non-turing complete config parsing #1060

Open
praiskup opened this issue Apr 27, 2023 · 0 comments
Open

Revamp Mock configuration - non-turing complete config parsing #1060

praiskup opened this issue Apr 27, 2023 · 0 comments
Labels
configs Issue in mock-core-configs package enhancement feature request, rfe

Comments

@praiskup
Copy link
Member

Configuration file parsing should be a safe action, so we can drop the
work-around we have (privilege drops, etc.). Per older issue:

exec is a security risk and a code smell whether run as a regular user
or as root; regular users have lots of important data and secrets too.
The comment even acknowledges this...

Yes, long-term we should migrate out from the format of the configuration
files have now (python code with exec()), but that will be a huge change,
and a lot of stuff will need to be changed in all the infrastructure using
Mock.

Originally posted by @praiskup in #990 (comment)
@praiskup praiskup added configs Issue in mock-core-configs package enhancement feature request, rfe labels Apr 27, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
configs Issue in mock-core-configs package enhancement feature request, rfe
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@praiskup