During create/update check various attributes for signs of command injection.
Also check for characters that are most likely garbage, such as control characters.
Reject request.
No need to check for command injection. Jobs will do it and conditionally quote strings on command line as needed.
Apps never sends anything directly to command line.
During create/update check various attributes for signs of command injection. Also check for characters that are most likely garbage, such as control characters. Reject request.
See also issues: https://github.com/tapis-project/tapis-systems/issues/55 https://github.com/tapis-project/tapis-jobs/issues/26