Re: [PATCH v2 8/8] shell: restrict BASH_SOURCE

bug-bash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 8/8] shell: restrict BASH_SOURCE_PATH when appropriate

From:	Matheus Afonso Martins Moreira
Subject:	Re: [PATCH v2 8/8] shell: restrict BASH_SOURCE_PATH when appropriate
Date:	Tue, 14 May 2024 22:22:19 +0000

> Or you could simply ignore BASH_SOURCE_PATH in restricted mode.

Then the restricted shells will not have access to this new functionality.
I thought it could be useful if properly integrated.

> Or, at least, this should be an opt-in
> feature that the scripts to set up the
> restricted shells need to explicitly turn on
> instead of being automatically enabled
> through the existence of a variable BASH_SOURCE_PATH.

I think this is a very good idea, especially if we combine it with
the "no defaults" idea.

I'd like to propose that restricted shells disallow manipulation
of this variable, and on top of that set it to the empty string so
that no paths are searchable by default, regardless of which
default value was chosen at compilation time. Then we could
have some mechanism by which other code which prepares
the restricted shell sets the desired BASH_SOURCE_PATH, if any.

This way, the users of restricted shells also have to opt in
to benefit from the new behavior, and compatibility is enhanced.

I'm not sure what form the aforementioned
mechanism would take though. What do you say?

  -- Matheus

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH v2 6/8] builtins/source: use source path in isolated mode, (continued)

Prev by Date: Re: [PATCH v2 5/8] builtins/source: parse the -i option
Next by Date: Re: [PATCH v2 5/8] builtins/source: parse the -i option
Previous by thread: Re: [PATCH v2 8/8] shell: restrict BASH_SOURCE_PATH when appropriate
Next by thread: Re: [PATCH v2 8/8] shell: restrict BASH_SOURCE_PATH when appropriate
Index(es):
- Date
- Thread