Open xcvista opened 6 years ago
Will this pragma also affect build process for libraries if added to the sketch code? If not, then it will not be quite useful as an extension to platform.txt.
This has the same security problems as #29. A malicious sketch can modify commands' paths without user's consent.
I have shared pull request #282 which adds full platform.sketch.txt file support while providing an IDE configuration option for enabling it first. Comments are welcome.
@phd
#pragma
is handled no later than the library-introducing #include
directives, and will affect the entire build process.arduino-build
can be limited with whitelisting: any subdirectory within the Arduino-related folders, and any subdirectory within the current sketch. It is up to the user not to download untrustworthy platforms.@xcvista
Then it seems like a nice replacement for my pull request. I could probably modify it soon to support this.
User may download sample sketches and they should not be allowed (by default) to mess with the system. I think a configuration option in the Arduino IDE for this pragma would be a solution. Maybe even something like a "no/ask/yes" setting.
@phd
Based on this path whitelist, the user should be able to choose among blocking, prompting and allowing execution of programs outside the list. The user should also be allowed to maintain his own additional list of whitelisted paths (Arduino-related directories are always allowed.)
@phd The _Pragma()
syntax need not to be supported right now, just #pragma arduino
.
This is a generalized solution to #15 and #29. It adds one preprocessor macro to the sketch file, while achieving the same effects without introducing special files:
Whatever text comes after this preprocessor macro, to the end of the line, is treated as part of the UserSettings.txt. For example putting the followign lines in the sketch:
is equivalent to adding the following lines to UserSettings.txt for the specific sketch: