Snuffleupagus writable execution of eval'd code ? #409

Closed
gnd opened this issue Mar 22, 2022 · 6 comments
@gnd

gnd commented Mar 22, 2022

Hi,

I notice that after enabling readonly_exec() I get these kinds of errors:

Mar 22 12:48:20 xxx snuffleupagus[3179578]: [snuffleupagus][0.0.0.0][Writable execution][log] Error while accessing /xxx/wp-content/plugins/sitepress-multilingual-cms/lib/twig/src/Environment.php(442) : eval()'d code: No such file or directory in /xxx/wp-content/plugins/sitepress-multilingual-cms/lib/twig/src/Environment.php(442) : eval()'d code on line 29

What is Snuffleupagus doing here? In Environment.php it seems like the plugin is building a sort of template that is then executed with eval(). How can I solve this issue without giving up on readonly_exec()?

Thanks!

@jvoisin jvoisin self-assigned this Mar 23, 2022
@jvoisin
Owner

jvoisin commented Mar 23, 2022

Can you please:

@gnd
Author

gnd commented Mar 24, 2022

Hi,

  • The file is not writable, otherwise I would not bother you.
  • Yes, that is the file. To make sure, I also attach a copy of it (renamed to .log)
    Environment.log
  • Snuffleupagus compiled from HEAD @ eede222
  • php-fpm 7.4.28.1

@gnd
Author

gnd commented Apr 11, 2022

Hi, I wonder if you had any time to check this? Thanks )

@jvoisin
Owner

jvoisin commented Apr 17, 2022

I still have to coordinate with @bef, so this one is still on the backburner for now, sorry :/

@bef
Collaborator

bef commented Apr 18, 2022

This definitely sounds like a bug. Unfortunately I failed to reproduce the error.

I suspect some kind of construct like eval(include(file.php)) with file.php once more containing eval(include(...)) may not be caught properly. I will look into that.

In the meantime, have you tried the latest head from 2022? Maybe the bug magically disappeared?

On a more general note, having a template system like Twig writing some kind of cache file and then reading the cache file for execution at a later stage is exactly what readonly_exec is trying to prevent in the first place, so even after fixing the bug, Twig most likely won't be running with readonly_exec enabled. Maybe we introduce whitelisted directories, which may be dangerous if configured incorrectly. What do you think @jvoisin ?

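To make the mechanism bef describes concrete, here is an added example that is not Snuffleupagus code and was not posted in this thread. It emulates the readonly_exec decision over a constructed webroot: a read-only vendor file that calls eval(), and a compiled-template cache file that the application wrote itself, which is exactly the file a writable-execution check must refuse. It also shows the edge case visible in the reported log line, where the name PHP gives eval'd code ("<file>(<line>) : eval()'d code") does not exist on disk, so checking it verbatim yields "No such file or directory" rather than a verdict on the real file. Assumptions, not taken from the project: the writability test here uses mode bits (the module itself asks the system whether the running PHP process may write the file), the `origin_file` mapping of eval pseudo-names back to their calling file is this example's own, and all paths and file contents are constructed.

```python
import os
import re
import stat
import tempfile

# PHP names code run through eval() as "<file>(<line>) : eval()'d code"; no such
# file exists on disk, which is what the "No such file or directory" in the
# reported log line points at.
EVAL_NAME = re.compile(r"^(?P<file>.+)\((?P<line>\d+)\) : eval\(\)'d code$")


def origin_file(executed_name):
    """Return (real_file, eval_line) for a name PHP reports as executing.

    Plain files map to themselves. eval() pseudo-names map back to the file
    that called eval(); nested evals ("...eval()'d code(3) : eval()'d code")
    are unwrapped until a real file name remains, and the line reported is the
    outermost eval() call in that real file. (Mapping is this example's own.)
    """
    line = None
    while True:
        m = EVAL_NAME.match(executed_name)
        if not m:
            return executed_name, line
        executed_name, line = m.group("file"), int(m.group("line"))


def has_write_bit(path):
    """True if any owner/group/other write bit is set on the file.

    Assumption: an approximation of the module's check, which asks whether the
    running PHP process may write the file. Mode bits are used here so the demo
    gives the same answer regardless of the user running it.
    """
    mode = os.stat(path).st_mode  # raises FileNotFoundError for pseudo-names
    return bool(mode & (stat.S_IWUSR | stat.S_IWGRP | stat.S_IWOTH))


def check_exec(executed_name, resolve_eval=True):
    """Emulate a writable-execution decision for one executed unit.

    Returns ("allow" | "deny" | "error", message). With resolve_eval=False the
    pseudo-name is stat()ed as-is, reproducing the ENOENT error from the report.
    """
    if resolve_eval:
        path, eval_line = origin_file(executed_name)
    else:
        path, eval_line = executed_name, None
    try:
        writable = has_write_bit(path)
    except OSError as exc:
        return "error", f"Error while accessing {executed_name}: {exc.strerror}"
    where = f"{path} (eval() at line {eval_line})" if eval_line else path
    if writable:
        return "deny", f"Writable execution: {where}"
    return "allow", where


def audit_tree(root):
    """List PHP files under root (relative paths, sorted) that would be refused.

    Useful as a pre-flight check before enabling readonly_exec on a webroot.
    """
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.endswith(".php"):
                full = os.path.join(dirpath, name)
                if has_write_bit(full):
                    hits.append(os.path.relpath(full, root))
    return sorted(hits)


def build_demo_tree():
    """Constructed sample webroot: a read-only vendor file that calls eval(),
    and a compiled-template cache file written by the application itself.
    Returns (root, vendor_file, cache_file)."""
    root = tempfile.mkdtemp(prefix="roexec-")
    vendor_dir = os.path.join(root, "lib", "twig", "src")
    cache_dir = os.path.join(root, "cache", "ab")
    os.makedirs(vendor_dir)
    os.makedirs(cache_dir)
    vendor_file = os.path.join(vendor_dir, "Environment.php")
    with open(vendor_file, "w") as f:
        f.write("<?php eval($compiledTemplateSource);\n")  # constructed content
    os.chmod(vendor_file, 0o444)
    cache_file = os.path.join(cache_dir, "cdef0123.php")
    with open(cache_file, "w") as f:
        f.write("<?php echo 'compiled template';\n")  # constructed content
    os.chmod(cache_file, 0o644)
    return root, vendor_file, cache_file


if __name__ == "__main__":
    root, vendor_file, cache_file = build_demo_tree()
    pseudo = f"{vendor_file}(442) : eval()'d code"
    print(check_exec(pseudo, resolve_eval=False))  # "error": pseudo-name does not exist
    print(check_exec(pseudo))                      # "allow": the calling file is read-only
    print(check_exec(cache_file))                  # "deny": the app-written cache is writable
    print(audit_tree(root))                        # the cache file is the only hit
```

Run `audit_tree` against a real webroot (as the php-fpm user, since write permission is what matters) to see which files readonly_exec would refuse before switching it on; a template cache that the application regenerates at request time will keep showing up there, which is the design conflict bef points out.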
@jvoisin jvoisin added this to the 0.8.0 - Woolly Mammoth milestone May 3, 2022
@bef
Collaborator

bef commented May 11, 2022

After some testing I failed to recreate the problem using the current master/head version.
