search

swiftlang / swift-package-manager

The Package Manager for the Swift Programming Language
Apache License 2.0
9.66k stars 1.31k forks source link

Sandbox security problem? #6951

Open dabrahams opened 9 months ago

dabrahams commented 9 months ago

Description

I was surprised to find that if I make an outer SPM invocation, and within that, a nested SPM invocation with --disable-sandbox that I can write on directories outside of the outer sandbox. Is that intentional? It seems like a bit of a security problem that I can bypass a sandbox just by invoking spm from within it with the right options.

Expected behavior

No response

Actual behavior

No response

Steps to reproduce

No response

Swift Package Manager version/commit hash

Swift 5.9

Swift & OS version (output of swift --version ; uname -a)

swift-driver version: 1.87.1 Apple Swift version 5.9 (swiftlang-5.9.0.128.108 clang-1500.0.40.1) Target: arm64-apple-macosx13.0 Darwin davea-mbp16.corp.adobe.com 22.6.0 Darwin Kernel Version 22.6.0: Fri Sep 15 13:41:28 PDT 2023; root:xnu-8796.141.3.700.8~1/RELEASE_ARM64_T6000 arm64

neonichu commented 9 months ago

What do you mean by "within that"? You're executing another SwiftPM via a build or command plugin?

dabrahams commented 9 months ago

Yes via build tool plugin

neonichu commented 9 months ago

And that's invoking SwiftPM from the plugin directly or producing a build command instance that will use SwiftPM?

dabrahams commented 9 months ago

I don't exactly understand what you're asking. To be precise, what I did was to take the portable-build-tool branch of this project and replaced most of the #if os(Windows) with #if true in the linked file (except for the platformString and import WinSDK parts). I don't have the patch handy, but making it work is mostly a matter of redefining those three constants declared near the top. The build tool invokes swift run as you can see. That I was able to swift test successfully on Mac without --disable-sandbox on the command line surprised me. The fact that the inner swift run has the sandbox disabled shouldn't allow it to escape the outer sandbox… right? You can hardcode replace scratchPath with /tmp/xxx to prove to yourself that it writes outside the outer sandbox.

neonichu commented 9 months ago

Right, so it looks like you are producing build commands that execute SwiftPM. I wonder if those are potentially not sandboxed?

neonichu commented 9 months ago

Right, so it looks like you are producing build commands that execute SwiftPM. I wonder if those are potentially not sandboxed?

No, that is not the case, at least in theory, we are sandboxing both: https://github.com/apple/swift-package-manager/blob/main/Sources/Build/LLBuildManifestBuilder.swift#L230