tailwind-config-viewer icon indicating copy to clipboard operation
tailwind-config-viewer copied to clipboard

Published 20 hours ago verified publisher icon rogden

Test suite fails on Fedora

Open DemiMarie opened this issue 3 years ago • 2 comments

The test suite fails on Fedora. Build script and log output attached. log.txt build.txt

DemiMarie avatar Feb 13 '22 17:02 DemiMarie

I need to debug this a bit, but a recent run of the Fedora build behaves (AFAICT) the same. Looking at sandboxed_api/sandbox2/stack_trace.cc:142, we're probably just missing /lib and /lib64 (although on Fedora, those are symlinks).

So maybe we should revisit the statement that we don't need to parse /proc/<pid>/maps and/or /proc/<pid>/exe.

cblichmann avatar Feb 14 '22 16:02 cblichmann

I need to debug this a bit, but a recent run of the Fedora build behaves (AFAICT) the same. Looking at sandboxed_api/sandbox2/stack_trace.cc:142, we're probably just missing /lib and /lib64 (although on Fedora, those are symlinks).

/usr/lib64 is the main one.

So maybe we should revisit the statement that we don't need to parse /proc/<pid>/maps and/or /proc/<pid>/exe.

I don’t think parsing those is a good idea if it means the sandboxed process needs access to /proc, as /proc has been a source of kernel vulnerabilities in the past. If the parent process needs to parse /proc/self/maps or /proc/self/exe that is fine. Parsing the child process’s /proc/<pid>/{maps,exe} should be fine provided that the parsing code is robust against malicious input.

DemiMarie avatar Feb 14 '22 17:02 DemiMarie