bug-sed

bug#30683: [PATCH] build: add a configure flag to force --sandbox


From: Mike Frysinger
Subject: bug#30683: [PATCH] build: add a configure flag to force --sandbox
Date: Fri, 2 Mar 2018 17:28:15 -0500

From: Mike Frysinger <address@hidden>

When building systems that integrate code scripts from a variety of
sources, it's hard to guarantee all users of sed are robust, and it's
not easy to make sure everyone uses --sandbox all the time.  Let's add
a configure option so people can easily build a GNU sed that always
enforces --sandbox mode.  This makes sure sed stays a dumb text tool
and can't be used as an avenue for code injection.

Consider a "benign" argument controlled by the user to a script that
is inlined as a match in a sed script.  Yes, the argument should have
been properly checked and/or sanitized, but the overall integrity of
the system shouldn't suffer because of these common mistakes.

* configure.ac: Add --enable-forced-sandbox option, and define
ENABLE_FORCED_SANDBOX when enabled.
* sed/sed.c (sandbox): Set to true when ENABLE_FORCED_SANDBOX,
else set to false.
---
 configure.ac | 7 +++++++
 sed/sed.c    | 7 ++++++-
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/configure.ac b/configure.ac
index 4c57d682f976..8531fc2f0fe8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -123,6 +123,13 @@ fi
 AM_CONDITIONAL([TEST_SYMLINKS],
           [test "$ac_cv_func_lstat:$ac_cv_func_readlink" = yes:yes])
 
+AC_ARG_ENABLE([forced-sandbox],
+  [AS_HELP_STRING([--enable-forced-sandbox)],
+     [always run with --sandbox enabled])])
+if test "$enable_forced_sandbox" = "yes"; then
+  AC_DEFINE([ENABLE_FORCED_SANDBOX], , [Always enabled --sandbox mode])
+fi
+
 AC_ARG_ENABLE(i18n,
 [  --disable-i18n          disable internationalization (default=enabled)], ,
 enable_i18n=yes)
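Review bot: the help string has a stray closing parenthesis inside the quoted option name, `[AS_HELP_STRING([--enable-forced-sandbox)],`, so `./configure --help` will print `--enable-forced-sandbox)`; it should read `[AS_HELP_STRING([--enable-forced-sandbox],`. Two smaller points in the same hunk: the AC_DEFINE description "Always enabled --sandbox mode" should be "Always enable --sandbox mode", and the help text should state the default (disabled), as the neighbouring `--disable-i18n` entry does with "(default=enabled)".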
diff --git a/sed/sed.c b/sed/sed.c
index 65bcab5ac58a..9d4a7a888c54 100644
--- a/sed/sed.c
+++ b/sed/sed.c
@@ -55,7 +55,12 @@ bool separate_files = false;
 bool follow_symlinks = false;
 
 /* If set, opearate in 'sandbox' mode */
-bool sandbox = false;
+bool sandbox =
+#ifdef ENABLE_FORCED_SANDBOX
+  true;
+#else
+  false;
+#endif
 
 /* How do we edit files in-place? (we don't if NULL) */
 char *in_place_extension = NULL;
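Review bot: the default is flipped here but nothing tells a user that a given binary was built this way. The diffstat shows only configure.ac and sed.c changing, so the usage text, the `--sandbox` option description and the manual still present sandbox mode as opt-in. Suggest emitting a line in the usage or `--version` output when ENABLE_FORCED_SANDBOX is defined, and documenting in the manual that the configure flag makes sandbox mode unconditional with no runtime opt-out (which is the intent, but should be stated). While in this block, the context comment `/* If set, opearate in 'sandbox' mode */` has a typo: `operate`.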
-- 
2.16.1
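The injection the commit message describes, as an added example that is not part of the patch or of GNU sed: a caller's argument is spliced into the regex of an `s///` command, and because the argument can close the regex early and append an `e` command, sed runs a shell command. The block then shows the two defences the message refers to, checking the argument against an allowlist and running sed with `--sandbox` (the mode that `--enable-forced-sandbox` would make the permanent default). It assumes a GNU sed 4.3 or later on PATH; the function names, the allowlist and the malicious argument are constructed for this example.

```shell
#!/bin/sh
# Added example, not code from the patch or from GNU sed.
# Requires GNU sed >= 4.3 (for --sandbox); the script gates on that.

# Does the installed sed accept --sandbox? (true for GNU sed >= 4.3)
sed_has_sandbox() {
    printf '' | sed --sandbox -n p >/dev/null 2>&1
}

# Vulnerable pattern: the caller's value is interpolated as the regex of an
# s/// command. Returns sed's exit status; sed's output goes to stdout.
replace_word_unsafe() {
    printf 'foo\n' | sed "s/$1/REPLACED/"
}

# Same interpolation, but sed runs in sandbox mode, where the injected
# command is a compile-time error and nothing is executed.
replace_word_sandboxed() {
    printf 'foo\n' | sed --sandbox "s/$1/REPLACED/" 2>/dev/null
}

# Input check (hypothetical allowlist for this example): accept only
# characters that can neither terminate the regex nor start a new command.
is_safe_word() {
    case $1 in
        '' | *[!A-Za-z0-9_-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Constructed malicious argument: "foo/x/" completes the s command early,
# ";e echo pwned" adds an e command, and ";#" makes the rest of the sed
# script a /bin/sh comment so the command line stays valid.
EVIL='foo/x/;e echo pwned;#'

if sed_has_sandbox; then
    echo '--- unsafe interpolation (e command runs, prints "pwned" then "x"):'
    replace_word_unsafe "$EVIL"
    echo '--- sandboxed (sed rejects the script, nothing runs):'
    replace_word_sandboxed "$EVIL" || echo 'sed refused the script'
fi
if is_safe_word "$EVIL"; then echo 'accepted'; else echo 'rejected by allowlist'; fi
```

The resulting script for the unsafe call is `s/foo/x/;e echo pwned;#/REPLACED/`, so the intended replacement never happens and the shell command's output is written ahead of the line. `--sandbox` catches this at script compile time, which is why a build-time forced sandbox covers scripts that were never audited; the allowlist is the per-call check the commit message says should have been there anyway, and the two are complementary rather than alternatives.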





