Beware global state in hooks

Gustavo Niemeyer gustavo at niemeyer.net
Mon Sep 16 23:21:56 UTC 2013


Doesn't really seem like an issue. It's usual to see things not
working if a process environment is arbitrarily modified
(communication with X is broken, password agent is gone,  etc). It's
even less of an issue given the original context provided, with
setuid. *Hopefully* changing to an arbitrary user will stop the
communication of the juju commands with the agent.

On Mon, Sep 16, 2013 at 8:12 PM, Kapil Thangavelu
<kapil.thangavelu at canonical.com> wrote:
> Process hierarchy
>
> unit agent -> hook -> juju-cli hook api (config-get/relation-get/set)
>
> He's saying the hook env can effect runtime of the hook cli api. Its
> debatable, but one option might be white-listing env variables that the
> hooks support, and unsetting those not related.
>
>
>
> On Tue, Sep 17, 2013 at 7:52 AM, David Cheney <david.cheney at canonical.com>
> wrote:
>>
>> > Be careful when touching process-global state when writing charm
>> > hooks. Calling out to the juju tools such as config-get will inherit
>> > the normal C environment, and juju may break in surprising ways if you
>> > don't leave it how you found it.
>>
>> I'm confused, are you saying the subprocess was able to mutate the
>> environment of the caller ? I really don't follow.
>>
>> --
>> Juju mailing list
>> Juju at lists.ubuntu.com
>> Modify settings or unsubscribe at:
>> https://lists.ubuntu.com/mailman/listinfo/juju
>
>
>
> --
> Juju mailing list
> Juju at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/juju
>



-- 

gustavo @ http://niemeyer.net



More information about the Juju mailing list