Perlbot/perlbuut
1
0
Fork 0
mirror of https://github.com/perlbot/perlbuut synced 2025-06-07 18:45:42 -04:00
Code Issues Releases Wiki Activity

Execcve works again

Browse source
This commit is contained in:
Ryan Voots 2017-05-06 05:09:10 -04:00
parent 18640a7134
commit c7b44290c3
3 changed files with 5 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
bin/testeval.sh
View file

@ -1,7 +1,7 @@
#!/bin/bash
read -r -d '' CODE <<'EOC'
perl BEGIN {$ENV{TMPDIR}="/tmp"}; use File::Temp; File::Temp->new()."";
perl5.5 BEGIN {$ENV{TMPDIR}="/tmp"}; use File::Temp; File::Temp->new()."";
EOC
echo --------
@ -9,7 +9,7 @@ echo $CODE
echo --------
rm -f ./jail/noseccomp
echo $CODE | sudo strace -ojail/killed.log /home/ryan/perl5/perlbrew/perls/perlbot-inuse/bin/perl5* ./bin/test_eval.pl
echo $CODE | sudo strace -f -ojail/killed.log /home/ryan/perl5/perlbrew/perls/perlbot-inuse/bin/perl5* ./bin/test_eval.pl
touch ./jail/noseccomp
echo $CODE | sudo strace -ojail/alive.log /home/ryan/perl5/perlbrew/perls/perlbot-inuse/bin/perl5* ./bin/test_eval.pl
echo $CODE | sudo strace -f -ojail/alive.log /home/ryan/perl5/perlbrew/perls/perlbot-inuse/bin/perl5* ./bin/test_eval.pl
rm -f ./jail/noseccomp

20
lib/EvalServer/Seccomp.pm
View file

@ -11,25 +11,7 @@ use POSIX;
use Linux::Seccomp;
use Carp qw/croak/;
has exec_map => (is => 'ro', default => sub {
# TODO this should actually end up in eval.pl specifically.
return {
'perl4' => {bin => '/perl5/perlbrew/perls/perl-4.036/bin/perl'},
'perl5.5' => {bin => '/perl5/perlbrew/perls/perl-5.005_04/bin/perl'},
'perl5.6' => {bin => '/perl5/perlbrew/perls/perl-5.6.2/bin/perl'},
'perl5.8' => {bin => '/perl5/perlbrew/perls/perl-5.8.9/bin/perl'},
'perl5.10' => {bin => '/perl5/perlbrew/perls/perl-5.10.1/bin/perl'},
'perl5.12' => {bin => '/perl5/perlbrew/perls/perl-5.12.5/bin/perl'},
'perl5.14' => {bin => '/perl5/perlbrew/perls/perl-5.14.4/bin/perl'},
'perl5.16' => {bin => '/perl5/perlbrew/perls/perl-5.16.3/bin/perl'},
'perl5.18' => {bin => '/perl5/perlbrew/perls/perl-5.18.4/bin/perl'},
'perl5.20' => {bin => '/perl5/perlbrew/perls/perl-5.20.3/bin/perl'},
'perl5.22' => {bin => '/perl5/perlbrew/perls/perl-5.22.3/bin/perl'},
'perl5.24' => {bin => '/perl5/perlbrew/perls/perl-5.24.0/bin/perl'},
'ruby' => {bin => '/usr/bin/ruby2.1'},
};
});
has exec_map => (is => 'ro', default => sub {+{}});
has profiles => (is => 'ro'); # aref
has _rules => (is => 'rw');

2
lib/eval.pl
View file

@ -288,7 +288,7 @@ use Storable qw/nfreeze/; nfreeze([]); #Preload Nfreeze since it's loaded on dem
# Setup SECCOMP for us
my ($profile) = ($type =~ /^([a-z]+)/ig);
my $esc = EvalServer::Seccomp->new(profiles => ["lang_$profile"]);
my $esc = EvalServer::Seccomp->new(profiles => ["lang_$profile"], exec_map => \%exec_map);
$esc->engage();
# Choose which type of evaluation to perform