Never run Flask application with debug mode
Flask server in debug mode allows users to execute any Python code on a server, which is a security issue for us. Change-Id: I9e12510b0abb04182e85bf3f73cdad29e1f8d382 Closes-Bug: #1506419
This commit is contained in:
parent
05b3a6ec6b
commit
77d0052c51
@ -364,7 +364,7 @@ def create_ssl_context():
|
|||||||
return context
|
return context
|
||||||
|
|
||||||
|
|
||||||
def main(args=sys.argv[1:], in_functional_test=False): # pragma: no cover
|
def main(args=sys.argv[1:]): # pragma: no cover
|
||||||
log.register_options(CONF)
|
log.register_options(CONF)
|
||||||
CONF(args, project='ironic-inspector')
|
CONF(args, project='ironic-inspector')
|
||||||
debug = CONF.debug
|
debug = CONF.debug
|
||||||
@ -377,8 +377,7 @@ def main(args=sys.argv[1:], in_functional_test=False): # pragma: no cover
|
|||||||
'ironicclient.common.http=ERROR')])
|
'ironicclient.common.http=ERROR')])
|
||||||
log.setup(CONF, 'ironic_inspector')
|
log.setup(CONF, 'ironic_inspector')
|
||||||
|
|
||||||
app_kwargs = {'debug': debug and not in_functional_test,
|
app_kwargs = {'host': CONF.listen_address,
|
||||||
'host': CONF.listen_address,
|
|
||||||
'port': CONF.listen_port}
|
'port': CONF.listen_port}
|
||||||
|
|
||||||
context = create_ssl_context()
|
context = create_ssl_context()
|
||||||
|
@ -372,8 +372,7 @@ def mocked_server():
|
|||||||
cfg.CONF.unregister_opt(dbsync.command_opt)
|
cfg.CONF.unregister_opt(dbsync.command_opt)
|
||||||
|
|
||||||
eventlet.greenthread.spawn_n(main.main,
|
eventlet.greenthread.spawn_n(main.main,
|
||||||
args=['--config-file', conf_file],
|
args=['--config-file', conf_file])
|
||||||
in_functional_test=True)
|
|
||||||
eventlet.greenthread.sleep(1)
|
eventlet.greenthread.sleep(1)
|
||||||
# Wait for service to start up to 30 seconds
|
# Wait for service to start up to 30 seconds
|
||||||
for i in range(10):
|
for i in range(10):
|
||||||
|
Loading…
Reference in New Issue
Block a user