feat(core): validate AppImage execution when env vars are set [TRI-041] (#17)

lucasfernog · lucasfernog · commit 6fbd6dba5290 · 2022-01-09T14:57:29.000-03:00
diff --git a/.changes/validate-appimage.md b/.changes/validate-appimage.md
@@ -0,0 +1,5 @@
+---
+"tauri": patch
+---
+
+Validate the `std::env::current_exe` return value if `APPDIR` or `APPIMAGE` environment variables are set.
diff --git a/core/tauri-utils/src/lib.rs b/core/tauri-utils/src/lib.rs
@@ -39,6 +39,7 @@ impl PackageInfo {
 
 /// Information about environment variables.
 #[derive(Debug, Clone)]
+#[non_exhaustive]
 pub struct Env {
   /// The APPIMAGE environment variable.
   #[cfg(target_os = "linux")]
@@ -51,12 +52,24 @@ pub struct Env {
 #[allow(clippy::derivable_impls)]
 impl Default for Env {
   fn default() -> Self {
-    Self {
+    let env = Self {
       #[cfg(target_os = "linux")]
       appimage: std::env::var_os("APPIMAGE"),
       #[cfg(target_os = "linux")]
       appdir: std::env::var_os("APPDIR"),
+    };
+    if env.appimage.is_some() || env.appdir.is_some() {
+      // validate that we're actually running on an AppImage
+      // an AppImage is mounted to `/tmp/.mount_${appPrefix}${hash}`
+      // see https://github.com/AppImage/AppImageKit/blob/1681fd84dbe09c7d9b22e13cdb16ea601aa0ec47/src/runtime.c#L501
+      if !std::env::current_exe()
+        .map(|p| p.to_string_lossy().into_owned().starts_with("/tmp/.mount_"))
+        .unwrap_or(true)
+      {
+        panic!("`APPDIR` or `APPIMAGE` environment variable found but this application was not detected as an AppImage; this might be a security issue.");
+      }
     }
+    env
   }
 }
 

-Original file line number
+Diff line change
@@ @@ -0,0 +1,5 @@ @@
 +---
 +"tauri": patch
 +---
++
 +Validate the `std::env::current_exe` return value if `APPDIR` or `APPIMAGE` environment variables are set.