Skip to content

[5.6] Make sure that NSTemporaryDirectory() is included when writableTemporaryDirectory is set. #3921

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Dec 9, 2021
Merged

[5.6] Make sure that NSTemporaryDirectory() is included when writableTemporaryDirectory is set. #3921

merged 1 commit into from
Dec 9, 2021

Conversation

abertelrud
Copy link
Contributor

@abertelrud abertelrud commented Dec 8, 2021
edited
Loading

This is the 5.6 cherry-pick of #3918 and its refinement #3920.

This change makes the sandbox cover the regular "/tmp" and NSTemporaryDirectory() paths. If environment entries are used to set other temporary directories in the subprocess, then the calling code should pass those to the writableDirectories parameter.

rdar://86150592
(cherry picked from commit 5546a97 and 3ba3305)

@abertelrud
[5.6] Make sure that NSTemporaryDirectory() is included when `writabl…
5bc8905 
…eTemporaryDirectory` is set. (swiftlang#3918)

It seems that `TSCBasic.determineTempDirectory()` lets environment variables override the temporary directory, which might be alright for the process itself but not necessarily for spawned subprocesses.  If the subprocess uses NSTemporaryDirectory(), then that still won't be covered by the sandbox.

This change makes the sandbox cover the regular "/tmp" and NSTemporaryDirectory() paths.  If environment entries are used to set other temporary directories in the subprocess, then the calling code should pass those to the `writableDirectories` parameter.

rdar://86150592
(cherry picked from commit 5546a97 and  3ba3305)
@abertelrud abertelrud self-assigned this Dec 8, 2021
@abertelrud abertelrud added 5.6 ready Author believes the PR is ready to be merged & any feedback has been addressed labels Dec 8, 2021
@abertelrud
Copy link
Contributor Author

@swift-ci please smoke test

@abertelrud
Copy link
Contributor Author

@swift-ci please test

@abertelrud
Copy link
Contributor Author

abertelrud commented Dec 8, 2021
edited
Loading

Self-hosted is failing because there is no 5.6 toolchain yet (it's not a required build though).

@abertelrud abertelrud merged commit b39c83e into swiftlang:release/5.6 Dec 9, 2021
@abertelrud abertelrud deleted the eng/adjust-sandbox-to-always-include-nstemporarydirectory-when-tmp-dir-is-writable-5.6 branch December 9, 2021 07:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@elsh elsh Awaiting requested review from elsh elsh is a code owner

@neonichu neonichu Awaiting requested review from neonichu neonichu is a code owner

1 more reviewer

@tomerd tomerd tomerd approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees

@abertelrud abertelrud

Labels
ready Author believes the PR is ready to be merged & any feedback has been addressed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@abertelrud @tomerd