summaryrefslogtreecommitdiffstats
path: root/krebs/5pkgs/Reaktor/scripts/sed-plugin.py
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2016-11-08 16:48:58 +0100
committermakefu <github@syntax-fehler.de>2016-11-08 16:48:58 +0100
commitdbb25f7288be2c9d2afe796d63d1a070e353daca (patch)
treef33630255ec39e4db545eaa63e5acff55efbafdf /krebs/5pkgs/Reaktor/scripts/sed-plugin.py
parent6e8e38be163904fe138b4d8dd0bec2e1b8bd317c (diff)
k 5 Reaktor: harden sed-plugin
Diffstat (limited to 'krebs/5pkgs/Reaktor/scripts/sed-plugin.py')
-rw-r--r--krebs/5pkgs/Reaktor/scripts/sed-plugin.py17
1 files changed, 15 insertions, 2 deletions
diff --git a/krebs/5pkgs/Reaktor/scripts/sed-plugin.py b/krebs/5pkgs/Reaktor/scripts/sed-plugin.py
index 8103c9585..6039aeb43 100644
--- a/krebs/5pkgs/Reaktor/scripts/sed-plugin.py
+++ b/krebs/5pkgs/Reaktor/scripts/sed-plugin.py
@@ -34,9 +34,22 @@ if m:
flagstr = ''
last = d.get(usr,None)
if last:
- #print(re.sub(fn,tn,last,count=count,flags=flags))
from subprocess import Popen,PIPE
- p = Popen(['sed','s/{}/{}/{}'.format(f,t,flagstr)],stdin=PIPE,stdout=PIPE )
+ import shutil
+ from os.path import realpath
+ # sed only needs stdin/stdout, we protect state_dir with this
+ # input to read/write arbitrary files:
+ # s/.\/\/; w /tmp/i (props to waldi)
+ # conclusion: sed is untrusted and we handle it like this
+ p = Popen(['proot',
+ # '-v','1',
+ '-w','/', # cwd is root
+ '-b','/nix/store', # mount important folders
+ '-b','/usr',
+ '-b','/bin',
+ '-r','/var/empty', # chroot to /var/empty
+ realpath(shutil.which('sed')),
+ 's/{}/{}/{}'.format(f,t,flagstr)],stdin=PIPE,stdout=PIPE )
so,se = p.communicate(bytes("{}\n".format(last),"UTF-8"))
if p.returncode:
print("something went wrong when trying to process your regex: {}".format(se.decode()))