resholve icon indicating copy to clipboard operation
resholve copied to clipboard

Published 20 hours ago verified publisher icon abathur

Executables could be discovered by running the script with PATH pointing at FUSE

Open catern opened this issue 5 years ago • 3 comments
trafficstars

Instead of using a parser to parse the text of the shell script, you could point PATH at a FUSE filesystem and run the script to discover the executables the script runs. One might be concerned that one has to run the script, which might have annoying side-effects or be very slow - but that doesn't have to be the case, since you don't have to run the real executables: You can have the FUSE filesystem respond on-demand with stubs that do nothing for every executable that the script runs. This is kind of like what the Tup build system does. https://github.com/gittup/tup

Of course this is not a serious suggestion, parsing the shell script as in your current approach is certainly better (this dynamic way wouldn't even support the most basic functions). I just mention this because you might find it mildly amusing, because I implemented something like resholved using that strategy in this SIGBOVIK paper: https://github.com/catern/rsyscall/tree/master/research/sigbovik2020 https://github.com/catern/rsyscall/blob/master/research/sigbovik2020/paper.pdf

catern avatar Jul 05 '20 21:07 catern

@catern I definitely do find it amusing (and timely).

@grahamc asked lately about two specific ways to catch executables that might otherwise be leaking or falling through the cracks--an option to generate scripts with PATH unset (which is underway in #12), and a "trace" option which I'm still chewing on, since it doesn't square as readily with the model I use here. (Graham mentioned this alongside a few other issues; I split this specific topic out into #9, but you can also see his original comment in #4). I've updated that issue to cross-link here.

I also think the underlying idea here has some other interesting applications! Just a month ago I was talking (log) with @infinisil and @samueldr in nixos-chat and wondered aloud about the viability of a FUSE filesystem that denies information about valid paths by pretending all paths are valid (but only returning correct contents to certain requesting processes by PID).

abathur avatar Jul 05 '20 22:07 abathur

@catern I got a little time to look at this while something else builds, but it looks like it has a Linux dependency. Do you know if this is a hard/intrinsic dependency, or if it's feasible to build on macOS as well?

abathur avatar Aug 03 '20 01:08 abathur

It's a pretty intrinsic dependency for this implementation (symsh), although I suppose the idea could be implemented in essentially the same way on MacOS. The "paper" https://github.com/catern/rsyscall/blob/master/research/sigbovik2020/paper.pdf is mostly intended to be amusing, but the "Applications" and "Implementation" section are essentially legitimate. After that, if you can't run it, I'd just look at the implementation https://github.com/catern/rsyscall/blob/master/python/rsyscall/scripts/symsh.py

catern avatar Aug 03 '20 01:08 catern