develooper Front page | perl.perl5.porters | Postings from May 2013

Re: Safe 2.35 localizing %SIG

Thread Previous | Thread Next
From:
David Cantrell
Date:
May 22, 2013 21:30
Subject:
Re: Safe 2.35 localizing %SIG
Message ID:
20130522213019.GA25735@bytemark.barnyard.co.uk
On Wed, May 22, 2013 at 11:48:39AM +0200, Rafael Garcia-Suarez wrote:
> On 22 May 2013 01:15, David Cantrell <david@cantrell.org.uk> wrote:
> > I've been bitten by the localizing of %SIG in the latest Safe.pm.  I'm
> > using a SIG ALRM to have execution of the Safe compartment time out:
> >   https://metacpan.org/source/DCANTRELL/CPAN-ParseDistribution-1.4/lib/CPAN/ParseDistribution.pm#L186
> > and this no longer works.  I can see why locally undefing %SIG is probably a
> > good idea, but it would be Really Good if there was a way of controlling
> > this so that I could specify that I want to be able to handle particular
> > signals.
> I have a working exploit against earlier safes that uses SIGCHLD to
> execute untrusted code, but it can be adapted to use any other signal.
> I can send it to you if you're interested.

I believe you!

I've just spent an unproductive couple of hours trying to patch Safe.pm
to allow me to give it a list of signals that I want to leave working
anyway regardless of the potential problems, but couldn't figure out a
clean way of getting them through the evals. Ah well, I'll just have to
find another way of getting my timeout to work.
-- 
David Cantrell | semi-evolved ape-thing

    The Law of Daves: in any gathering of technical people, the
    number of Daves will be greater than the number of women.

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About