| 1 |
Set PATH to /dev/null when sourcing the ebuild for dependency resolution |
| 2 |
in order to prevent shell from finding external commands via PATH |
| 3 |
lookup. While this does not prevent executing programs via full path, it |
| 4 |
should catch the majority of accidental uses. |
| 5 |
|
| 6 |
Closes: https://github.com/gentoo/portage/pull/199 |
| 7 |
|
| 8 |
// Note: this can't be merged right now since we still have ebuilds |
| 9 |
// calling external commands; see: |
| 10 |
// https://bugs.gentoo.org/show_bug.cgi?id=629222 |
| 11 |
--- |
| 12 |
bin/ebuild.sh | 6 +++++- |
| 13 |
bin/isolated-functions.sh | 4 ++++ |
| 14 |
2 files changed, 9 insertions(+), 1 deletion(-) |
| 15 |
|
| 16 |
diff --git a/bin/ebuild.sh b/bin/ebuild.sh |
| 17 |
index c23561651..94a44d534 100755 |
| 18 |
--- a/bin/ebuild.sh |
| 19 |
+++ b/bin/ebuild.sh |
| 20 |
@@ -80,8 +80,12 @@ else |
| 21 |
done |
| 22 |
unset funcs x |
| 23 |
|
| 24 |
+ # prevent the shell from finding external executables |
| 25 |
+ # note: we can't use empty because it implies current directory |
| 26 |
+ _PORTAGE_ORIG_PATH=${PATH} |
| 27 |
+ export PATH=/dev/null |
| 28 |
command_not_found_handle() { |
| 29 |
- die "Command not found while sourcing ebuild: ${*}" |
| 30 |
+ die "External commands disallowed while sourcing ebuild: ${*}" |
| 31 |
} |
| 32 |
fi |
| 33 |
|
| 34 |
diff --git a/bin/isolated-functions.sh b/bin/isolated-functions.sh |
| 35 |
index e320f7132..b28e44f18 100644 |
| 36 |
--- a/bin/isolated-functions.sh |
| 37 |
+++ b/bin/isolated-functions.sh |
| 38 |
@@ -121,6 +121,10 @@ __helpers_die() { |
| 39 |
} |
| 40 |
|
| 41 |
die() { |
| 42 |
+ # restore PATH since die calls basename & sed |
| 43 |
+ # TODO: make it pure bash |
| 44 |
+ [[ -n ${_PORTAGE_ORIG_PATH} ]] && PATH=${_PORTAGE_ORIG_PATH} |
| 45 |
+ |
| 46 |
set +x # tracing only produces useless noise here |
| 47 |
local IFS=$' \t\n' |
| 48 |
|
| 49 |
-- |
| 50 |
2.14.1 |
Archives