Enforce env permission on homeDir() and execPath (denoland#2714)

kitsonk · Aug 4, 2019 · 52c13fb · 52c13fb
1 parent c6861b5
commit 52c13fb
Show file tree

Hide file tree

Showing 4 changed files with 40 additions and 10 deletions.
diff --git a/cli/ops.rs b/cli/ops.rs
@@ -354,12 +354,17 @@ fn op_start(
   let cwd_off =
     builder.create_string(deno_fs::normalize_path(cwd_path.as_ref()).as_ref());
 
-  let current_exe = std::env::current_exe().unwrap();
-  // Now apply URL parser to current exe to get fully resolved path, otherwise we might get
-  // `./` and `../` bits in `exec_path`
-  let exe_url = Url::from_file_path(current_exe).unwrap();
-  let exec_path =
-    builder.create_string(exe_url.to_file_path().unwrap().to_str().unwrap());
+  // Use permissions.allows_env() to bypass env request prompt.
+  let exec_path = if state.permissions.allows_env() {
+    let current_exe = std::env::current_exe().unwrap();
+    // Now apply URL parser to current exe to get fully resolved path, otherwise we might get
+    // `./` and `../` bits in `exec_path`
+    let exe_url = Url::from_file_path(current_exe).unwrap();
+    exe_url.to_file_path().unwrap().to_str().unwrap().to_owned()
+  } else {
+    "".to_owned()
+  };
+  let exec_path = builder.create_string(&exec_path);
 
   let v8_version = version::v8();
   let v8_version_off = builder.create_string(v8_version);
@@ -1751,13 +1756,15 @@ fn op_metrics(
 }
 
 fn op_home_dir(
-  _state: &ThreadSafeState,
+  state: &ThreadSafeState,
   base: &msg::Base<'_>,
   data: Option<PinnedBuf>,
 ) -> CliOpResult {
   assert!(data.is_none());
   let cmd_id = base.cmd_id();
 
+  state.check_env()?;
+
   let builder = &mut FlatBufferBuilder::new();
   let path = dirs::home_dir()
     .unwrap_or_default()

diff --git a/js/os_test.ts b/js/os_test.ts
@@ -39,6 +39,26 @@ test(function osIsTTYSmoke(): void {
   console.log(Deno.isTTY());
 });
 
-test(function homeDir(): void {
+testPerm({ env: true }, function homeDir(): void {
   assertNotEquals(Deno.homeDir(), "");
 });
+
+testPerm({ env: false }, function homeDirPerm(): void {
+  let caughtError = false;
+  try {
+    Deno.homeDir();
+  } catch (err) {
+    caughtError = true;
+    assertEquals(err.kind, Deno.ErrorKind.PermissionDenied);
+    assertEquals(err.name, "PermissionDenied");
+  }
+  assert(caughtError);
+});
+
+testPerm({ env: true }, function execPath(): void {
+  assertNotEquals(Deno.execPath, "");
+});
+
+testPerm({ env: false }, function execPathPerm(): void {
+  assertEquals(Deno.execPath, "");
+});
diff --git a/tools/target_test.py b/tools/target_test.py
@@ -55,7 +55,10 @@ def test_no_color(self):
         assert result.out.strip() == "noColor false"
 
     def test_exec_path(self):
-        cmd = [self.deno_exe, "run", "--allow-run", "tests/exec_path.ts"]
+        cmd = [
+            self.deno_exe, "run", "--allow-run", "--allow-env",
+            "tests/exec_path.ts"
+        ]
         result = run_output(cmd, quiet=True)
         print "exec_path", result.code
         print result.out

diff --git a/tools/unit_tests.py b/tools/unit_tests.py
@@ -10,7 +10,7 @@
 class JsUnitTests(DenoTestCase):
     def test_unit_test_runner(self):
         cmd = [
-            self.deno_exe, "run", "--reload", "--allow-run",
+            self.deno_exe, "run", "--reload", "--allow-run", "--allow-env",
             "js/unit_test_runner.ts"
         ]
         process = subprocess.Popen(