Uploaded image for project: 'Ruby Driver'
  1. Ruby Driver
  2. RUBY-2034

Improve security of mongocryptd spawning

XMLWordPrintableJSON

    • Type: Icon: Improvement Improvement
    • Resolution: Fixed
    • Priority: Icon: Minor - P4 Minor - P4
    • 2.12.0.rc0
    • Affects Version/s: None
    • Component/s: None
    • None
    • Fully Compatible

      Instead of Process.spawn:

      • Try fork/exec to avoid the command being interpreted as shell command rather than process path
      • Test on jruby, expect failure to fork
      • Rescue fork error, assuming it is possible to tell the error is because fork is unsupported (jruby/windows) use Process.spawn
      • When Process.spawn is used, prohibit spaces and & in mcd path

            Assignee:
            oleg.pudeyev@mongodb.com Oleg Pudeyev (Inactive)
            Reporter:
            oleg.pudeyev@mongodb.com Oleg Pudeyev (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: