-
Notifications
You must be signed in to change notification settings - Fork 100
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fork Bomb Fixes #601
Fork Bomb Fixes #601
Conversation
Is there a good reason not to parse options before running the It would be nice if the |
If we don't want to parse the options first, could we put the Note that I may be missing something fundamental here too.. |
I struggled a bunch with these questions... The standard library's flag parsing has, AFAIK, no way to ignore unknown options. They will trigger an I thought about whether to move the And while I understand the appeal of making Maybe another thing to remember, is the whole FindNewest implementation replaces one that would have copied the binary over the current running on. |
Ok that all makes sense! We could reason about a dedicated 'test executable' subcommand (the subcommand check doesn't require flag parsing) that might be too trivial an execution path to be useful.. |
I thought about that too! As is, the code path is the same for testing |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm once tests are passing
In #590 we expanded
checkExecutable
to invoke the executable to verify correctness. When taken withlauncher's
inclination to exec newer versions, this created a fork bomb. There was a fix added in #595, but that's not adequate.This PR attempts to address this in three ways. While any one of them should be adequate, we may as one run all three.
First, we add an environmental variable that skips the initial re-exec functionality. This isn't documented, and is meant for internal use only. Frustratingly, we cannot just add it to flags, as we can't parse flags prior to exec.
Second, this risk primarily comes from the
FindNewestSelf
code path. This introduceswithRunningExectuable
as a mechanism to indicate that we should not check a given path.Third, if we can determine
os.Executable
, don't exec it. This is duplicative with the second option. But, it comes at it from a different direction. Seems better to have both