Beware global state in hooks
gustavo at niemeyer.net
Mon Sep 16 23:21:56 UTC 2013
Doesn't really seem like an issue. It's usual to see things not
working if a process environment is arbitrarily modified
(communication with X is broken, password agent is gone, etc). It's
even less of an issue given the original context provided, with
setuid. *Hopefully* changing to an arbitrary user will stop the
communication of the juju commands with the agent.
On Mon, Sep 16, 2013 at 8:12 PM, Kapil Thangavelu
<kapil.thangavelu at canonical.com> wrote:
> Process hierarchy
> unit agent -> hook -> juju-cli hook api (config-get/relation-get/set)
> He's saying the hook env can effect runtime of the hook cli api. Its
> debatable, but one option might be white-listing env variables that the
> hooks support, and unsetting those not related.
> On Tue, Sep 17, 2013 at 7:52 AM, David Cheney <david.cheney at canonical.com>
>> > Be careful when touching process-global state when writing charm
>> > hooks. Calling out to the juju tools such as config-get will inherit
>> > the normal C environment, and juju may break in surprising ways if you
>> > don't leave it how you found it.
>> I'm confused, are you saying the subprocess was able to mutate the
>> environment of the caller ? I really don't follow.
>> Juju mailing list
>> Juju at lists.ubuntu.com
>> Modify settings or unsubscribe at:
> Juju mailing list
> Juju at lists.ubuntu.com
> Modify settings or unsubscribe at:
gustavo @ http://niemeyer.net
More information about the Juju