Gentoo Archives: gentoo-portage-dev

From: Alec Warner <antarus@g.o>
To: gentoo-portage-dev@l.g.o
Subject: Re: [gentoo-portage-dev] [PATCH] ebuild.sh: Completely ban external commands in global scope
Date: Fri, 08 Sep 2017 18:48:37
Message-Id: CAAr7Pr8HzNZk+Ntp62Dz571cmN-diDiF8jKxz9pS8FBN=hPrAg@mail.gmail.com
In Reply to: Re: [gentoo-portage-dev] [PATCH] ebuild.sh: Completely ban external commands in global scope by "Michał Górny"
1 Why PATH=/dev/null vs export PATH=""
2
3 On Thu, Sep 7, 2017 at 3:36 AM, Michał Górny <mgorny@g.o> wrote:
4
5 > Dnia 31 sierpnia 2017 22:45:42 CEST, "Michał Górny" <mgorny@g.o>
6 > napisał(a):
7 > >Set PATH to /dev/null when sourcing the ebuild for dependency
8 > >resolution
9 > >in order to prevent shell from finding external commands via PATH
10 > >lookup. While this does not prevent executing programs via full path,
11 > >it
12 > >should catch the majority of accidental uses.
13 > >
14 > >Closes: https://github.com/gentoo/portage/pull/199
15 > >
16 > >// Note: this can't be merged right now since we still have ebuilds
17 > >// calling external commands; see:
18 > >// https://bugs.gentoo.org/show_bug.cgi?id=629222
19 >
20 > Update: gentoo is green now
21 >
22 > >---
23 > > bin/ebuild.sh | 6 +++++-
24 > > bin/isolated-functions.sh | 4 ++++
25 > > 2 files changed, 9 insertions(+), 1 deletion(-)
26 > >
27 > >diff --git a/bin/ebuild.sh b/bin/ebuild.sh
28 > >index c23561651..94a44d534 100755
29 > >--- a/bin/ebuild.sh
30 > >+++ b/bin/ebuild.sh
31 > >@@ -80,8 +80,12 @@ else
32 > > done
33 > > unset funcs x
34 > >
35 > >+ # prevent the shell from finding external executables
36 > >+ # note: we can't use empty because it implies current directory
37 > >+ _PORTAGE_ORIG_PATH=${PATH}
38 > >+ export PATH=/dev/null
39 > > command_not_found_handle() {
40 > >- die "Command not found while sourcing ebuild: ${*}"
41 > >+ die "External commands disallowed while sourcing ebuild:
42 > ${*}"
43 > > }
44 > > fi
45 > >
46 > >diff --git a/bin/isolated-functions.sh b/bin/isolated-functions.sh
47 > >index e320f7132..b28e44f18 100644
48 > >--- a/bin/isolated-functions.sh
49 > >+++ b/bin/isolated-functions.sh
50 > >@@ -121,6 +121,10 @@ __helpers_die() {
51 > > }
52 > >
53 > > die() {
54 > >+ # restore PATH since die calls basename & sed
55 > >+ # TODO: make it pure bash
56 > >+ [[ -n ${_PORTAGE_ORIG_PATH} ]] && PATH=${_PORTAGE_ORIG_PATH}
57 > >+
58 > > set +x # tracing only produces useless noise here
59 > > local IFS=$' \t\n'
60 > >
61 >
62 >
63 > --
64 > Best regards,
65 > Michał Górny (by phone)
66 >
67 >

Replies