Changeset 98156

Timestamp:

Sep 26, 2012, 4:16:41 PM (12 years ago)

Author:

jmr@…

Message:

add rudimentary sandboxing support for commands run via system proc

Location:

trunk/base

Files:

• configure (modified) (2 diffs)
• configure.ac (modified) (1 diff)
• src/pextlib1.0/system.c (modified) (4 diffs)
• src/port1.0/Makefile (modified) (1 diff)
• src/port1.0/port.tcl (modified) (1 diff)
• src/port1.0/port_autoconf.tcl.in (modified) (1 diff)
• src/port1.0/portsandbox.tcl (added)

trunk/base/configure

@@ -711 +711 @@
 SVN
 SED
+SANDBOX_EXEC
 RSYNC
 RMDIR
@@ -5545 +5546 @@
 
 
+# Extract the first word of "sandbox-exec", so it can be a program name with args.
+set dummy sandbox-exec; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_path_SANDBOX_EXEC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  case $SANDBOX_EXEC in
+  [\\/]* | ?:[\\/]*)
+  ac_cv_path_SANDBOX_EXEC="$SANDBOX_EXEC" # Let the user override the test with a path.
+  ;;
+  *)
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in /usr/bin
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_path_SANDBOX_EXEC="$as_dir/$ac_word$ac_exec_ext"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+  ;;
+esac
+fi
+SANDBOX_EXEC=$ac_cv_path_SANDBOX_EXEC
+if test -n "$SANDBOX_EXEC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $SANDBOX_EXEC" >&5
+$as_echo "$SANDBOX_EXEC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
 # Extract the first word of "sed", so it can be a program name with args.
 set dummy sed; ac_word=$2

trunk/base/configure.ac

@@ -134 +134 @@
 AC_PATH_PROG(RMDIR, [rmdir], [])
 AC_PATH_PROG(RSYNC, [rsync], [])
+AC_PATH_PROG(SANDBOX_EXEC, [sandbox-exec], [], [/usr/bin])
 AC_PATH_PROG(SED, [sed])
 AC_PATH_PROG(SVN, [svn], [])

trunk/base/src/pextlib1.0/system.c

@@ -78 +78 @@
 };
 
+static int check_sandboxing(Tcl_Interp *interp, char **sandbox_exec_path, char **profilestr)
+{
+    Tcl_Obj *tcl_result;
+    int supported;
+    int len;
+
+    tcl_result = Tcl_GetVar2Ex(interp, "portsandbox_supported", NULL, TCL_GLOBAL_ONLY);
+    if (!tcl_result || Tcl_GetBooleanFromObj(interp, tcl_result, &supported) != TCL_OK || !supported) {
+        return 0;
+    }
+
+    tcl_result = Tcl_GetVar2Ex(interp, "portutil::autoconf::sandbox_exec_path", NULL, TCL_GLOBAL_ONLY);
+    if (!tcl_result || !(*sandbox_exec_path = Tcl_GetString(tcl_result))) {
+        return 0;
+    }
+
+    tcl_result = Tcl_GetVar2Ex(interp, "portsandbox_profile", NULL, TCL_GLOBAL_ONLY);
+    if (!tcl_result || !(*profilestr = Tcl_GetStringFromObj(tcl_result, &len)) 
+        || len == 0) {
+        return 0;
+    }
+
+    return 1;
+}
+
 /* usage: system ?-notty? ?-nice value? ?-W path? command */
 int SystemCmd(ClientData clientData UNUSED, Tcl_Interp *interp, int objc, Tcl_Obj *CONST objv[])
@@ -84 +109 @@
     struct linebuf circbuf[CBUFSIZ];
     size_t linelen;
-    char *args[4];
+    char *args[7];
     char *cmdstring;
+    int sandbox = 0;
+    char *sandbox_exec_path;
+    char *profilestr;
     FILE *pdes;
     int fdset[2], nullfd;
@@ -129 +157 @@
     }
 
+#if 0
+    /* check if and how we should use sandbox-exec */
+    sandbox = check_sandboxing(interp, &sandbox_exec_path, &profilestr);
+#endif
+
     /*
      * Fork a child to run the command, in a popen() like fashion -
@@ -179 +212 @@
 
         /* XXX ugly string constants */
-        args[0] = "sh";
-        args[1] = "-c";
-        args[2] = cmdstring;
-        args[3] = NULL;
-        execve("/bin/sh", args, environ);
+        if (sandbox) {
+            args[0] = "sandbox-exec";
+            args[1] = "-p";
+            args[2] = profilestr;
+            args[3] = "sh";
+            args[4] = "-c";
+            args[5] = cmdstring;
+            args[6] = NULL;
+            execve(sandbox_exec_path, args, environ);
+        } else {
+            args[0] = "sh";
+            args[1] = "-c";
+            args[2] = cmdstring;
+            args[3] = NULL;
+            execve("/bin/sh", args, environ);
+        }
         _exit(1);
         break;

trunk/base/src/port1.0/Makefile

@@ -7 +7 @@
         portdeactivate.tcl portsubmit.tcl port_autoconf.tcl portstartupitem.tcl \
         porttrace.tcl portlivecheck.tcl portdistcheck.tcl portmirror.tcl \
-        portload.tcl portunload.tcl portdistfiles.tcl fetch_common.tcl
+        portload.tcl portunload.tcl portdistfiles.tcl fetch_common.tcl \
+        portsandbox.tcl
 
 include ../../Mk/macports.subdir.mk

trunk/base/src/port1.0/port.tcl

@@ -59 +59 @@
 
 package require portdistfiles 1.0
+package require portsandbox 1.0

trunk/base/src/port1.0/port_autoconf.tcl.in

@@ -66 +66 @@
         variable xcodebuild_path "@XCODEBUILD@"
         variable xcrun_path "@XCRUN@"
+        variable sandbox_exec_path "@SANDBOX_EXEC@"
         variable sed_command "@SED@"
         variable sed_ext_flag "@SED_EXT@"