summaryrefslogtreecommitdiffstats
path: root/plugin/rpcplugin/supervisor.go
diff options
context:
space:
mode:
authorChris <ccbrown112@gmail.com>2018-01-15 11:21:06 -0600
committerChristopher Speller <crspeller@gmail.com>2018-01-15 09:21:06 -0800
commitf5c8a71698d0a7a16c68be220e49fe64bfee7f5c (patch)
tree194b9cc79eceb1c91c44e39b9d797671c178fe0e /plugin/rpcplugin/supervisor.go
parent7e5ce976681e99be6b26d428935ba1106d530efa (diff)
downloadchat-f5c8a71698d0a7a16c68be220e49fe64bfee7f5c.tar.gz
chat-f5c8a71698d0a7a16c68be220e49fe64bfee7f5c.tar.bz2
chat-f5c8a71698d0a7a16c68be220e49fe64bfee7f5c.zip
ABC-22: Plugin sandboxing for linux/amd64 (#8068)
* plugin sandboxing * remove unused type * better symlink handling, better remounting, better test, whitespace fixes, and comment on the remounting * fix test compile error * big simplification for getting mount flags * mask statfs flags to the ones we're interested in
Diffstat (limited to 'plugin/rpcplugin/supervisor.go')
-rw-r--r--plugin/rpcplugin/supervisor.go19
1 files changed, 14 insertions, 5 deletions
diff --git a/plugin/rpcplugin/supervisor.go b/plugin/rpcplugin/supervisor.go
index ad3c8401d..6a48cb5e8 100644
--- a/plugin/rpcplugin/supervisor.go
+++ b/plugin/rpcplugin/supervisor.go
@@ -6,6 +6,7 @@ package rpcplugin
import (
"context"
"fmt"
+ "io"
"path/filepath"
"strings"
"sync/atomic"
@@ -20,10 +21,10 @@ import (
//
// If the plugin unexpectedly exists, the supervisor will relaunch it after a short delay.
type Supervisor struct {
- executable string
hooks atomic.Value
done chan bool
cancel context.CancelFunc
+ newProcess func(context.Context) (Process, io.ReadWriteCloser, error)
}
var _ plugin.Supervisor = (*Supervisor)(nil)
@@ -78,7 +79,7 @@ func (s *Supervisor) run(ctx context.Context, start chan<- error, api plugin.API
}
func (s *Supervisor) runPlugin(ctx context.Context, start chan<- error, api plugin.API) error {
- p, ipc, err := NewProcess(ctx, s.executable)
+ p, ipc, err := s.newProcess(ctx)
if err != nil {
if start != nil {
start <- err
@@ -127,6 +128,16 @@ func (s *Supervisor) runPlugin(ctx context.Context, start chan<- error, api plug
}
func SupervisorProvider(bundle *model.BundleInfo) (plugin.Supervisor, error) {
+ return SupervisorWithNewProcessFunc(bundle, func(ctx context.Context) (Process, io.ReadWriteCloser, error) {
+ executable := filepath.Clean(filepath.Join(".", bundle.Manifest.Backend.Executable))
+ if strings.HasPrefix(executable, "..") {
+ return nil, nil, fmt.Errorf("invalid backend executable")
+ }
+ return NewProcess(ctx, filepath.Join(bundle.Path, executable))
+ })
+}
+
+func SupervisorWithNewProcessFunc(bundle *model.BundleInfo, newProcess func(context.Context) (Process, io.ReadWriteCloser, error)) (plugin.Supervisor, error) {
if bundle.Manifest == nil {
return nil, fmt.Errorf("no manifest available")
} else if bundle.Manifest.Backend == nil || bundle.Manifest.Backend.Executable == "" {
@@ -136,7 +147,5 @@ func SupervisorProvider(bundle *model.BundleInfo) (plugin.Supervisor, error) {
if strings.HasPrefix(executable, "..") {
return nil, fmt.Errorf("invalid backend executable")
}
- return &Supervisor{
- executable: filepath.Join(bundle.Path, executable),
- }, nil
+ return &Supervisor{newProcess: newProcess}, nil
}