diff options
author | Chris <ccbrown112@gmail.com> | 2018-01-15 11:21:06 -0600 |
---|---|---|
committer | Christopher Speller <crspeller@gmail.com> | 2018-01-15 09:21:06 -0800 |
commit | f5c8a71698d0a7a16c68be220e49fe64bfee7f5c (patch) | |
tree | 194b9cc79eceb1c91c44e39b9d797671c178fe0e /plugin/rpcplugin/supervisor.go | |
parent | 7e5ce976681e99be6b26d428935ba1106d530efa (diff) | |
download | chat-f5c8a71698d0a7a16c68be220e49fe64bfee7f5c.tar.gz chat-f5c8a71698d0a7a16c68be220e49fe64bfee7f5c.tar.bz2 chat-f5c8a71698d0a7a16c68be220e49fe64bfee7f5c.zip |
ABC-22: Plugin sandboxing for linux/amd64 (#8068)
* plugin sandboxing
* remove unused type
* better symlink handling, better remounting, better test, whitespace
fixes, and comment on the remounting
* fix test compile error
* big simplification for getting mount flags
* mask statfs flags to the ones we're interested in
Diffstat (limited to 'plugin/rpcplugin/supervisor.go')
-rw-r--r-- | plugin/rpcplugin/supervisor.go | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/plugin/rpcplugin/supervisor.go b/plugin/rpcplugin/supervisor.go index ad3c8401d..6a48cb5e8 100644 --- a/plugin/rpcplugin/supervisor.go +++ b/plugin/rpcplugin/supervisor.go @@ -6,6 +6,7 @@ package rpcplugin import ( "context" "fmt" + "io" "path/filepath" "strings" "sync/atomic" @@ -20,10 +21,10 @@ import ( // // If the plugin unexpectedly exists, the supervisor will relaunch it after a short delay. type Supervisor struct { - executable string hooks atomic.Value done chan bool cancel context.CancelFunc + newProcess func(context.Context) (Process, io.ReadWriteCloser, error) } var _ plugin.Supervisor = (*Supervisor)(nil) @@ -78,7 +79,7 @@ func (s *Supervisor) run(ctx context.Context, start chan<- error, api plugin.API } func (s *Supervisor) runPlugin(ctx context.Context, start chan<- error, api plugin.API) error { - p, ipc, err := NewProcess(ctx, s.executable) + p, ipc, err := s.newProcess(ctx) if err != nil { if start != nil { start <- err @@ -127,6 +128,16 @@ func (s *Supervisor) runPlugin(ctx context.Context, start chan<- error, api plug } func SupervisorProvider(bundle *model.BundleInfo) (plugin.Supervisor, error) { + return SupervisorWithNewProcessFunc(bundle, func(ctx context.Context) (Process, io.ReadWriteCloser, error) { + executable := filepath.Clean(filepath.Join(".", bundle.Manifest.Backend.Executable)) + if strings.HasPrefix(executable, "..") { + return nil, nil, fmt.Errorf("invalid backend executable") + } + return NewProcess(ctx, filepath.Join(bundle.Path, executable)) + }) +} + +func SupervisorWithNewProcessFunc(bundle *model.BundleInfo, newProcess func(context.Context) (Process, io.ReadWriteCloser, error)) (plugin.Supervisor, error) { if bundle.Manifest == nil { return nil, fmt.Errorf("no manifest available") } else if bundle.Manifest.Backend == nil || bundle.Manifest.Backend.Executable == "" { @@ -136,7 +147,5 @@ func SupervisorProvider(bundle *model.BundleInfo) (plugin.Supervisor, error) { if strings.HasPrefix(executable, "..") { return nil, fmt.Errorf("invalid backend executable") } - return &Supervisor{ - executable: filepath.Join(bundle.Path, executable), - }, nil + return &Supervisor{newProcess: newProcess}, nil } |