[alsa-devel] [PATCH v2 - alsa-lib] snd_user_file: avoid use wordexp
Takashi Iwai
tiwai at suse.de
Sat Jul 15 10:00:26 CEST 2017
On Fri, 14 Jul 2017 18:47:05 +0200,
Natanael Copa wrote:
>
> As suggested in POSIX[1], wordexp might execute the shell. If the libc
> implementation does so, it will break the firefox sandbox which does
> not allow exec. This happened on Alpine Linux with musl libc[2].
>
> Since we cannot guarantee that the system wordexp implementation does
> not execute shell, we cannot really use it, and need to implement the
> ~/ expansion ourselves.
>
> We provide a configure option --with-wordexp for users that still may
> need it, but we leave this off by default because wordexp is a large
> large attack vector and it is better to avoid it.
>
> [1]: http://pubs.opengroup.org/onlinepubs/9699919799/functions/wordexp.html#tag_16_684_08
> [2]: http://bugs.alpinelinux.org/issues/7454#note-2
>
> Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
> ---
> changes v2:
> - add configure option to enable old behaviour which uses wordexp.
> this is off by default.
>
> I was not sure if I should use --with-wordexp or --enable-wordexp but
> went with --with-wordexp similar to --with-softfloat.
That's OK, a matter of taste.
Applied now as is. Thanks.
Takashi
More information about the Alsa-devel
mailing list