Majic Projects
previous_open_issue.png
Go to the previous open issue
previous_issue.png
Go to the previous issue (open or closed)
star_faded.png
Please log in to bookmark issues
bug_report_small.png
Closed Bug report MAR-73 Wrapper for executing commands in virtualenv does not escape input arguments properly
next_issue.png
Go to the next issue (open or closed)
next_open_issue.png
Go to the next open issue
icon_info.png This issue has been closed with status "Closed" and resolution "RESOLVED".
Issue basics
  • Type of issue
    Bug report
  • Category
    Not determined
  • Targetted for
    1.1.0
  • Status
    Closed
  • Progress
  • Priority
    Not determined
User pain
  • Type of bug
    Not triaged
  • Likelihood
    Not triaged
  • Effect
    Not triaged
Affected by this issue (1)
People involved
Times and dates
  • Posted at
  • Last updated
  • Estimated time
    1 hour
  • Time spent
    No time spent
    Click here to see time logged against this issue
Issue details
  • Resolution
    RESOLVED
  • Reproducability
    Always
  • Severity
    Not determined
Attachments (0)
There is nothing attached to this issue
Duplicate issues (0)
This issue does not have any duplicates
Description

The wrapper that gets deployed using the wsgi_website role that helps run commands within a Python virtual environment does not properly escape its input arguments. Instead of having "$@", the script venv_exec.j2 has $@ - i.e. no quotes. This results in errors if any of the arguments passed-in contains a space or some other problematic character.

Steps to reproduce this issue
  1. Deploy wsgi_website role.

  2. Run command using the exec virtualenv wrapper (as wsgi_website admin):

~/virtualenv/bin/exec ls "this should be single argument"

Comments ()
There are no comments
History