On Tue, Mar 29, 2016 at 12:08:50PM -0400, Aaron Conole wrote: > Ben Pfaff <b...@ovn.org> writes: > > > On Tue, Mar 29, 2016 at 06:04:44AM +0000, Wojciechowicz, RobertX wrote: > >> > -----Original Message----- > >> > From: dev [mailto:dev-boun...@openvswitch.org] On Behalf Of Aaron > >> > Conole > >> > Sent: Monday, March 28, 2016 8:55 PM > >> > To: dev@openvswitch.org > >> > Cc: Flavio Leitner <f...@sysclose.org> > >> > Subject: Re: [ovs-dev] [PATCH v10 0/6] Convert DPDK configuration from > >> > command line to DB based > >> > > >> > Hi (and apologies if the top posting is inappropriate), > >> > > >> > Don't want to be a pest, but just pinging re: this series. What work > >> > remains? I want to try and close this out to do some additional > >> > vhostuser config work, so anything that might be gating this please let > >> > me know and I'll work on it. > >> > > >> > >> Please remember to add "vhost-sock-dir" to the database, > >> even if there will be used the default directory (no command line value). > > > > I'm nervous about adding unrestricted directory names to the database, > > because they could allow a remote database user to write to arbitrary > > places in the file system. > > I see your point here. Is there a suggested mechanism to resolve this? > What if we had a scheme like: > > ovs_rundir() + dboption > > where we scrubbed dboption for '..' characters. Since I'm in this area > right now doing the change, I don't mind altering this scheme, but it > does slightly change the semantic of the option so I'd want to hear from > folks before making said scheme change.
That would make me happy; I can't speak for the others of course. _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
