On 07/02/10 - 07:06:34AM, Eric Blake wrote:
> On 07/02/2010 07:01 AM, Chris Lalancette wrote:
>>>
>>> Do we need to validate that the resulting name is valid (starts with a
>>> letter, and contains only alphanumeric and _)? arg and env_value can
>>> obviously be arbitrary strings, but not env_name.
>>
>> Hm, interesting, I didn't know that rule about environment variable names.
>> That is a good check to make, I'll add it.
>
> Technically, any string that does not contain = can be inserted as an
> environment name, but then you can't access them from the shell. So
> it's best to restrict environment names to portable names (basically,
> the same set as shell variable names).

Interesting point. Since we are directly invoking qemu with execve, in
theory, qemu could access an environment name that doesn't conform to the
shell's rules. That being said, since many people are invoking qemu through
a shell, I doubt qemu would do something like that.

So what do we think; add the restriction, or no?

> Also, does the .rng relaxed schema have a way to express the limitation
> on valid env_names, for your patch 8/8?

Yeah, there is a way to add patterns to the RNG, if we decide to restrict
the environment variables.
Yeah, there is a way to add patterns to the RNG, if we decide to restrict
the environment variables.
--
Chris Lalancette
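The two rules discussed in the thread, as an added illustration that is not part of the message above or of libvirt's own code: the only hard constraint execve() imposes on an environment entry is that the name contains no '=', while the portable-name rule proposed here (first character a letter, then only letters, digits and '_') is stricter. The helper names env_name_is_insertable, env_name_is_portable and format_env_entry are hypothetical. The checks use explicit ASCII ranges rather than ctype.h so the result does not depend on the process locale; note that POSIX itself also permits a leading '_', so the portable check below is slightly stricter than POSIX, matching the thread's wording.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Locale-independent ASCII classification (portable character set only). */
static bool is_ascii_alpha(char c)
{
    return (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z');
}

static bool is_ascii_alnum_or_underscore(char c)
{
    return is_ascii_alpha(c) || (c >= '0' && c <= '9') || c == '_';
}

/* Hypothetical helper: true when 'name' can be placed in the environment
 * at all. execve() only requires a non-empty name with no '=' in it; a
 * name such as "1weird name" passes this check but is unreachable from
 * a shell. */
bool env_name_is_insertable(const char *name)
{
    if (name == NULL || *name == '\0')
        return false;
    return strchr(name, '=') == NULL;
}

/* Hypothetical helper: the portable-name rule from the thread.
 * First character must be a letter; the rest letters, digits or '_'.
 * (POSIX would also accept a leading '_'; this follows the thread.) */
bool env_name_is_portable(const char *name)
{
    size_t i;

    if (name == NULL || !is_ascii_alpha(name[0]))
        return false;
    for (i = 1; name[i] != '\0'; i++) {
        if (!is_ascii_alnum_or_underscore(name[i]))
            return false;
    }
    return true;
}

/* Hypothetical helper: build a "NAME=VALUE" entry for an execve() envp
 * array, refusing non-portable names. The value is deliberately left
 * unrestricted (it may even contain '='), as the thread notes.
 * Returns 0 on success, -1 on a rejected name or a too-small buffer. */
int format_env_entry(char *buf, size_t buflen,
                     const char *name, const char *value)
{
    int n;

    if (!env_name_is_portable(name) || value == NULL)
        return -1;
    n = snprintf(buf, buflen, "%s=%s", name, value);
    if (n < 0 || (size_t)n >= buflen)
        return -1;
    return 0;
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *names[] = { "QEMU_AUDIO_DRV", "1weird name", "A=B", "_X" };
    char entry[64];
    size_t i;

    for (i = 0; i < sizeof(names) / sizeof(names[0]); i++) {
        printf("%-16s insertable=%d portable=%d\n", names[i],
               env_name_is_insertable(names[i]),
               env_name_is_portable(names[i]));
    }
    if (format_env_entry(entry, sizeof(entry), "QEMU_AUDIO_DRV", "pa") == 0)
        printf("entry: %s\n", entry);
    return 0;
}
```

A domain XML schema check can express only the portable rule as a pattern; the runtime check above is what keeps a value that slipped past the schema from reaching execve().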