[Bug 1267393] Re: [MIR] juju-core, juju-mongodb, gccgo, golang

[Seth Arnold]

My primary concern was with the confused double duty of the shell
quoting -- sometimes it was being used to protect an input from a user,
and sometimes it was being used to transmit scripts to remote peers.

I really hope to see something akin to sql prepared statements in juju
that use the class system to enforce proper quoting of inputs when they
must be used as an argument to a command, so that ad hoc constructions
aren't scattered throughout the codebase.

Replacing juju-backup sounds like an improvement, but that was just one
instance of the above complaint.

Embedding sudo into the program to avoid running the entire bootstrap
process as root does make sense, but I do wonder if unprivileged lxc
containers would be more appropriate at this point. It still seems like
a large assumption about how sudo can be used on the juju host --
perhaps it is fair to say the juju host must be dedicated to the task,
but it'd be nice to see that spelled out explicitly.

I'll ask Tyler to look at our backlog and fit this in where we can.
Thanks.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to golang in Ubuntu.
https://bugs.launchpad.net/bugs/1267393

Title:
  [MIR] juju-core, juju-mongodb, gccgo, golang

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gccgo-5/+bug/1267393/+subscriptions