This change addresses a predictable temporary file vulnerability in
the code path that writes the cassandra configuration. Unit tests have
been added.
Since there is a problem with Mock()'ing a shared entry point (like
os.unlink or utils.execute_with_timeout) there is an inherent
instability in these tests. The safe way around this is to make
write_config() accept arguments that can be Mock()'ed for the purpose
of testing.
A lengthy explanation of the rationale for this change is on the
openstack-trove IRC channel at about 10:40AM on 12/29/2014.
Also, there was a redundant test that has been eliminated.
Reviewed: https://review.openstack.org/138719
Committed: https://git.openstack.org/cgit/openstack/trove/commit/?id=61774984aa2bacfe89867fc39a402a6a4cfb8f33
Submitter: Jenkins
Branch: master
commit 61774984aa2bacfe89867fc39a402a6a4cfb8f33
Author: Amrith Kumar <email address hidden>
Date: Thu Dec 4 10:26:24 2014 +0200
Address predictable temp file vulnerability
Change-Id: I760b937b6714b2b2b366cd8bdb700bece6055fba
Closes-Bug: #1398195
Partial-Bug: #1398966
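
The approach the commit message describes, as an added example that is not Trove's code: a config writer that stages data in an unpredictable temporary file and takes its command runner and unlink function as arguments, so a test can inject mocks instead of patching `os.unlink` process-wide. The `write_config()` signature, `run_command`, the `install` invocation and the `/etc/demo/demo.yaml` target are assumptions made for illustration.

```python
import os
import subprocess
import tempfile
from unittest import mock


def run_command(*argv):
    """Default runner; an assumed stand-in for a helper like
    utils.execute_with_timeout."""
    subprocess.run(argv, check=True, timeout=30)


def write_config(contents, target, execute=run_command, unlink=os.unlink):
    """Stage contents in an unpredictable temp file, then install it."""
    # mkstemp() picks a random name and opens it with O_CREAT | O_EXCL and
    # mode 0600, so a file or symlink planted at a guessed path is never
    # reused or followed (unlike a fixed name under /tmp).
    fd, tmp_path = tempfile.mkstemp(prefix="config-", suffix=".tmp")
    try:
        with os.fdopen(fd, "w") as handle:
            handle.write(contents)
        execute("install", "-m", "0644", tmp_path, target)
    finally:
        unlink(tmp_path)  # runs even when the install step fails
    return tmp_path


def check_with_injected_mocks():
    """Test write_config() without patching os.unlink process-wide."""
    execute = mock.Mock()
    unlink = mock.Mock(side_effect=os.unlink)  # record, then really delete
    path = write_config("cluster_name: demo\n", "/etc/demo/demo.yaml",
                        execute=execute, unlink=unlink)
    execute.assert_called_once_with("install", "-m", "0644", path,
                                    "/etc/demo/demo.yaml")
    unlink.assert_called_once_with(path)
    return path


if __name__ == "__main__":
    print("staged and removed:", check_with_injected_mocks())
```

Because the mocks are passed in per call, other tests that rely on the real `os.unlink` are unaffected.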