Actions
Feature #3312
closedceph-deploy: pushy uses pickle, that's a security problem
Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
ceph-deploy
Target version:
-
% Done:
0%
Source:
Tags:
Backport:
Reviewed:
Affected Versions:
Pull request ID:
Description
That means "ceph-deploy osd myhost:sdb" could allow myhost to attack the admin workstation. Deserializing pickles from an untrusted source is dangerous: http://docs.python.org/library/pickle
Either refactor pushy to use a more limited protocol (e.g. JSON objects over SSH?), or port ceph-deploy away from pushy.
The idea of "execute this python function remotely over ssh" is very useful, and teuthology could benefit from it also; don't just go back to "run this unix command remotely".
Actions