scblack321
commented
8 months ago No need to check for command injection. Jobs will do it and conditionally quote strings on command line as needed. Apps never sends anything directly to command line.
Closed scblack321 closed 7 months ago
scblack321
commented
8 months ago No need to check for command injection. Jobs will do it and conditionally quote strings on command line as needed. Apps never sends anything directly to command line.
During create/update check various attributes for signs of command injection. Also check for characters that are most likely garbage, such as control characters. Reject request.
See also issues: https://github.com/tapis-project/tapis-systems/issues/55 https://github.com/tapis-project/tapis-jobs/issues/26