easyconfig should be properly parsed #129

Open
boegel opened this issue Aug 20, 2012 · 3 comments

Comments

@boegel
Member

boegel commented Aug 20, 2012

Because we now allow arbitrary code to be executed in easyconfig (.eb) files, that's a major security issue.

Easyconfig files can easily be passed between users of EasyBuild, and they can execute totally arbitrary code (e.g. rm -rf * in the user's home directory).

We need to find a way to remedy that.

One suggestion is to limit what can be done in an easyconfig file (suggested by @nudded):

global_vars = {
    "shared_lib_ext": get_shared_lib_ext(),
    "__builtins__": {},
}
@fgeorgatos
Collaborator

As discussed earlier via VOS protocol (=Voice Over Soundwaves :-), the easyconfig files per se are not a security risk, since a simple trojan patch file can prove that, the complete compilation business is a very risky endeavor.

This is for example relevant when we do automated pkgsrc based easybuild compilations: how can someone trust that none of the 20000 packages' Makefiles will do something funny? IMHO, you can't: something in there might contaminate the rest of the process; of course, this is the same issue as port-based systems & has similar remedies
(i.e. containment of the risk by using an unprivileged account etc.).

Now, as regards python, if we really think that there is a risk, the following might be of interest:
http://pypy.org/features.html#sandboxing
(i.e. --sandboxing would be calling for execution under pypy, perhaps in a module in itself)

@JensTimmerman
Contributor

easy_install actually also sets up a big sandbox for each installation.

What @boegel proposes is a sort of sandbox, although one that can be easily broken out of.

However, I do agree that whilst this is an issue, it's not any bigger than a lot of other possible things that might go wrong.
So I do propose to close this as wontfix.

@boegel
Member Author

boegel commented Oct 22, 2012

I think we need another round of discussion (e.g. on a future hackathon) before we close this as wontfix.

On the one hand, I agree, but I also don't see why we shouldn't make it less easy to do nasty stuff by limiting what's possible in easyconfig files (e.g. by actually parsing them instead of just exec'ing them).

Moved to a later milestone, but keeping it open for now.

@boegel boegel modified the milestone: v1.X Jun 24, 2015
@boegel boegel modified the milestone: 3.x May 2, 2017
@boegel boegel modified the milestones: 3.x, 4.x Feb 20, 2020
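
An added illustration of the "actually parsing them instead of just exec'ing them" idea from the last comment (not code from this thread or from EasyBuild): a parser built on Python's `ast` module that accepts only `name = <literal>` assignments and never executes the file. The names `parse_easyconfig` and `EasyconfigParseError` and the sample inputs are constructed for this example, and restricting values to plain literals is an assumption about what an easyconfig would be allowed to contain.

```python
import ast


class EasyconfigParseError(ValueError):
    """The file contains something other than `name = <literal>`."""


def parse_easyconfig(text, filename="<easyconfig>"):
    """Return {name: value} without executing any of the file's code."""
    try:
        tree = ast.parse(text, filename=filename)
    except SyntaxError as err:
        raise EasyconfigParseError("%s: %s" % (filename, err)) from None
    params = {}
    for node in tree.body:
        where = "%s:%d" % (filename, node.lineno)
        # Imports, def/class, loops and bare expressions (calls) land here.
        if not isinstance(node, ast.Assign):
            raise EasyconfigParseError(
                "%s: %s is not allowed" % (where, type(node).__name__))
        # Reject `a.b = ...`, `a[0] = ...`, `a, b = ...` and `a = b = ...`.
        if len(node.targets) != 1 or not isinstance(node.targets[0], ast.Name):
            raise EasyconfigParseError("%s: target must be a plain name" % where)
        try:
            # literal_eval builds plain literals only; calls and names raise.
            value = ast.literal_eval(node.value)
        except (ValueError, TypeError):
            raise EasyconfigParseError(
                "%s: value is not a literal" % where) from None
        params[node.targets[0].id] = value
    return params


# Constructed sample inputs (not taken from the EasyBuild repository).
SAMPLE_OK = """\
name = 'zlib'
version = '1.2.7'
toolchain = {'name': 'dummy', 'version': 'dummy'}
sources = ['zlib-1.2.7.tar.gz']
"""
SAMPLE_IMPORT = "import os\nname = 'zlib'\n"
SAMPLE_CALL = "name = 'zlib'\nversion = str(1.2)\n"

if __name__ == "__main__":
    print(parse_easyconfig(SAMPLE_OK))
    for bad in (SAMPLE_IMPORT, SAMPLE_CALL):
        try:
            parse_easyconfig(bad)
        except EasyconfigParseError as err:
            print("rejected:", err)
```

Values that depend on run-time information, such as the `shared_lib_ext` entry in the snippet from the first comment, would need explicit support in such a parser, since a bare name is not a literal.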