mirror of
https://github.com/perlbot/perlbuut
synced 2025-06-07 18:35:49 -04:00
Execcve works again
This commit is contained in:
Ryan Voots
parent
18640a7134
commit
c7b44290c3
3 changed files with 5 additions and 23 deletions
|
|
@ -1,7 +1,7 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
read -r -d '' CODE <<'EOC'
|
read -r -d '' CODE <<'EOC'
|
||||||
perl BEGIN {$ENV{TMPDIR}="/tmp"}; use File::Temp; File::Temp->new()."";
|
perl5.5 BEGIN {$ENV{TMPDIR}="/tmp"}; use File::Temp; File::Temp->new()."";
|
||||||
EOC
|
EOC
|
||||||
|
|
||||||
echo --------
|
echo --------
|
||||||
|
|
@ -9,7 +9,7 @@ echo $CODE
|
||||||
echo --------
|
echo --------
|
||||||
|
|
||||||
rm -f ./jail/noseccomp
|
rm -f ./jail/noseccomp
|
||||||
echo $CODE | sudo strace -ojail/killed.log /home/ryan/perl5/perlbrew/perls/perlbot-inuse/bin/perl5* ./bin/test_eval.pl
|
echo $CODE | sudo strace -f -ojail/killed.log /home/ryan/perl5/perlbrew/perls/perlbot-inuse/bin/perl5* ./bin/test_eval.pl
|
||||||
touch ./jail/noseccomp
|
touch ./jail/noseccomp
|
||||||
echo $CODE | sudo strace -ojail/alive.log /home/ryan/perl5/perlbrew/perls/perlbot-inuse/bin/perl5* ./bin/test_eval.pl
|
echo $CODE | sudo strace -f -ojail/alive.log /home/ryan/perl5/perlbrew/perls/perlbot-inuse/bin/perl5* ./bin/test_eval.pl
|
||||||
rm -f ./jail/noseccomp
|
rm -f ./jail/noseccomp
|
||||||
|
|
|
||||||
|
|
@ -11,25 +11,7 @@ use POSIX;
|
||||||
use Linux::Seccomp;
|
use Linux::Seccomp;
|
||||||
use Carp qw/croak/;
|
use Carp qw/croak/;
|
||||||
|
|
||||||
has exec_map => (is => 'ro', default => sub {
|
has exec_map => (is => 'ro', default => sub {+{}});
|
||||||
# TODO this should actually end up in eval.pl specifically.
|
|
||||||
return {
|
|
||||||
'perl4' => {bin => '/perl5/perlbrew/perls/perl-4.036/bin/perl'},
|
|
||||||
'perl5.5' => {bin => '/perl5/perlbrew/perls/perl-5.005_04/bin/perl'},
|
|
||||||
'perl5.6' => {bin => '/perl5/perlbrew/perls/perl-5.6.2/bin/perl'},
|
|
||||||
'perl5.8' => {bin => '/perl5/perlbrew/perls/perl-5.8.9/bin/perl'},
|
|
||||||
'perl5.10' => {bin => '/perl5/perlbrew/perls/perl-5.10.1/bin/perl'},
|
|
||||||
'perl5.12' => {bin => '/perl5/perlbrew/perls/perl-5.12.5/bin/perl'},
|
|
||||||
'perl5.14' => {bin => '/perl5/perlbrew/perls/perl-5.14.4/bin/perl'},
|
|
||||||
'perl5.16' => {bin => '/perl5/perlbrew/perls/perl-5.16.3/bin/perl'},
|
|
||||||
'perl5.18' => {bin => '/perl5/perlbrew/perls/perl-5.18.4/bin/perl'},
|
|
||||||
'perl5.20' => {bin => '/perl5/perlbrew/perls/perl-5.20.3/bin/perl'},
|
|
||||||
'perl5.22' => {bin => '/perl5/perlbrew/perls/perl-5.22.3/bin/perl'},
|
|
||||||
'perl5.24' => {bin => '/perl5/perlbrew/perls/perl-5.24.0/bin/perl'},
|
|
||||||
'ruby' => {bin => '/usr/bin/ruby2.1'},
|
|
||||||
};
|
|
||||||
});
|
|
||||||
|
|
||||||
has profiles => (is => 'ro'); # aref
|
has profiles => (is => 'ro'); # aref
|
||||||
|
|
||||||
has _rules => (is => 'rw');
|
has _rules => (is => 'rw');
|
||||||
|
|
|
||||||
|
|
@ -288,7 +288,7 @@ use Storable qw/nfreeze/; nfreeze([]); #Preload Nfreeze since it's loaded on dem
|
||||||
|
|
||||||
# Setup SECCOMP for us
|
# Setup SECCOMP for us
|
||||||
my ($profile) = ($type =~ /^([a-z]+)/ig);
|
my ($profile) = ($type =~ /^([a-z]+)/ig);
|
||||||
my $esc = EvalServer::Seccomp->new(profiles => ["lang_$profile"]);
|
my $esc = EvalServer::Seccomp->new(profiles => ["lang_$profile"], exec_map => \%exec_map);
|
||||||
$esc->engage();
|
$esc->engage();
|
||||||
|
|
||||||
# Choose which type of evaluation to perform
|
# Choose which type of evaluation to perform
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue