diff options
| author | Eelco Dolstra <edolstra@gmail.com> | 2018-08-03 17:01:34 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-08-03 17:01:34 +0200 |
| commit | bc65e02d9671ef6af2c25b4cc7a0a34944d98a2d (patch) | |
| tree | 3a120d4eaa1c63dfbcbd19b0a3835069aceed217 /tests | |
| parent | 122e1a61f8deb55a38a00534c502fd8c6700d539 (diff) | |
| parent | 43e28a1b756c2f7ee139c999e6169a71f555e9e5 (diff) | |
Merge pull request #2326 from aszlig/fix-symlink-leak
Fix symlink leak in restricted eval mode
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/restricted.sh | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/tests/restricted.sh b/tests/restricted.sh index a87d8ec2c..e02becc60 100644 --- a/tests/restricted.sh +++ b/tests/restricted.sh @@ -38,3 +38,14 @@ ln -sfn $(pwd)/restricted.nix $TEST_ROOT/restricted.nix nix-instantiate --eval --restrict-eval $TEST_ROOT/restricted.nix -I $TEST_ROOT -I . [[ $(nix eval --raw --restrict-eval -I . '(builtins.readFile "${import ./simple.nix}/hello")') == 'Hello World!' ]] + +# Check whether we can leak symlink information through directory traversal. +traverseDir="$(pwd)/restricted-traverse-me" +ln -sfn "$(pwd)/restricted-secret" "$(pwd)/restricted-innocent" +mkdir -p "$traverseDir" +goUp="..$(echo "$traverseDir" | sed -e 's,[^/]\+,..,g')" +output="$(nix eval --raw --restrict-eval -I "$traverseDir" \ + "(builtins.readFile \"$traverseDir/$goUp$(pwd)/restricted-innocent\")" \ + 2>&1 || :)" +echo "$output" | grep "is forbidden" +! echo "$output" | grep -F restricted-secret |