switch back from golang.org/x/sys/execabs to os/exec (go1.19)

This is effectively a revert of 2ac9968401, which switched from os/exec to the golang.org/x/sys/execabs package to mitigate security issues (mainly on Windows) with lookups resolving to binaries in the current directory. from the go1.19 release notes https://go.dev/doc/go1.19#os-exec-path > ## PATH lookups > > Command and LookPath no longer allow results from a PATH search to be found > relative to the current directory. This removes a common source of security > problems but may also break existing programs that depend on using, say, > exec.Command("prog") to run a binary named prog (or, on Windows, prog.exe) in > the current directory. See the os/exec package documentation for information > about how best to update such programs. > > On Windows, Command and LookPath now respect the NoDefaultCurrentDirectoryInExePath > environment variable, making it possible to disable the default implicit search > of “.” in PATH lookups on Windows systems. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-09 12:39:20 +01:00
parent 6cd0e8e405
commit 2af6db672e
36 changed files with 41 additions and 48 deletions
--- a/integration/main_test.go
+++ b/integration/main_test.go
@@ -25,6 +25,7 @@ import (
 	"fmt"
 	"io"
 	"os"
+	"os/exec"
 	"path/filepath"
 	goruntime "runtime"
 	"strconv"
@@ -47,7 +48,6 @@ import (
 	"github.com/opencontainers/selinux/go-selinux"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
-	exec "golang.org/x/sys/execabs"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/credentials/insecure"
 	runtime "k8s.io/cri-api/pkg/apis/runtime/v1"