[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Can "gawk -i extension" be made safer?
From: |
Andrew J. Schorr |
Subject: |
Re: Can "gawk -i extension" be made safer? |
Date: |
Mon, 26 Jun 2023 09:43:07 -0400 |
User-agent: |
Mutt/1.5.21 (2010-09-15) |
Hi Stephane,
On Sun, Jun 25, 2023 at 10:17:50AM +0100, Stephane CHAZELAS wrote:
...
> https://github.com/search?q=%22-i+inplace%22&type=code&p=2 a
> github code search for "-i inplace" returns 1.4k hits.
> Similar searches for comp.lang.awk or unix.stackexchange.com
> also return hundreds of hits. I don't see many mentioning
> $AWKPATH.
>
> How many of these constitute security vulnerabilities or promote
> something that introduce vulnerabilities? Can't we do something
> about it?
Thanks for raising this issue; it's an interesting question.
But I think Arnold is correct that it would be problematic to change
gawk's established default behavior.
Here are a couple of thoughts/questions pertaining to this:
1. Should we consider patching extras/gawk.{sh,csh} to add
gawkpath_sanitize and gawklibpath_sanitize functions that remove any
directories from the path that are relative and not absolute?
You already provided the code for gawkpath_sanitize:
gawkpath_sanitize () {
export AWKPATH="$(LC_ALL=C gawk '
BEGIN {
n = split(ENVIRON["AWKPATH"], dirs, ":")
for (i = 1; i <= n; i++)
if (substr(dirs[i], 1, 1) == "/") {
newawkpath = (newawkpath sep dirs[i])
sep = ":"
}
print newawkpath
}')"
}
And similarly for gawklibpath_sanitize. And we'll need C-shell versions.
2. Would a "safegawk" wrapper script that sanitizes the paths prior
to invoking gawk be useful? If so, should such a script be part of the
distribution or something that users should craft for themselves?
safegawk:
#!/bin/sh
. /etc/profiles.d/gawk.sh
gawkpath_sanitize
gawklibpath_sanitize
exec gawk "$@"
Regards,
Andy