Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

safe-mode + (outdir != sourcedir) == jail violation #262

Open
slonopotamus opened this issue Jan 28, 2020 · 4 comments
Open

safe-mode + (outdir != sourcedir) == jail violation #262

slonopotamus opened this issue Jan 28, 2020 · 4 comments

Comments

@slonopotamus
Copy link
Contributor

slonopotamus commented Jan 28, 2020
edited
Loading

Please, see my repro repository.

It has a single book/book.adoc:

= Diagrams

[ditaa, "cool-diag"]
....
+----+
|Jail|
+----+
....

And I try to convert that book to a different directory:

$ asciidoctor -r asciidoctor-diagram --safe-mode server -D output book/book.adoc

But suddenly, this produces warnings:

asciidoctor: WARNING: path is outside of jail; recovering automatically
asciidoctor: WARNING: path is outside of jail; recovering automatically

And as a result, book/cool-diag.png is created instead of output/cool-diag.png.

Expected: no warnings + cool-diag.png is created in output directory instead of book directory.

Reproduced using asciidoctor-2.0.10 + asciidoctor-diagram 2.0.1.

So, seems like jail mechanism did here the reverse of what it was supposed to do. Instead of allowing to write only into destination dir, it rejected writing to destination dir and forced writing into source dir.
@mojavelinux
Copy link
Member

I think this is more of a core issue. The jail mechanism has never really been fully fleshed out. It was more of a paranoid mode than a truly useful one. This is a good example. I've long wanted to rework it so it behaves more logically.

@slonopotamus
Copy link
Contributor Author

slonopotamus commented Jan 28, 2020
edited
Loading

I think this is more of a core issue

I possibly agree, though don't know how to reproduce it with core standalone. I guess you have permissions to transfer issue to core.

It was more of a paranoid mode than a truly useful one.

I came across this bug because it turned out that Asciidoctor.convert_file defaults to SAFE mode (unlike CLI that defaults to UNSAFE), so I assumed SAFE mode is something that is used pretty extensively.

@mojavelinux
Copy link
Member

I came across this bug because it turned out that Asciidoctor.convert_file defaults to SAFE mode (unlike CLI that defaults to UNSAFE), so I assumed SAFE mode is something that is used pretty extensively.

There's a weird history around it. Basically, it had to be that way for Asciidoctor to work on GitHub, even though GitHub doesn't actually use any features that are affected by it.

@pepijnve pepijnve mentioned this issue Oct 1, 2020
Closed
@coulas
Copy link

coulas commented Jun 13, 2024
edited
Loading

To reproduce on core, you can use includes with sources under the source tree or output tree, etc.
I am using Doctoolchain 3.3.1 that embeds gradle launching a ruby implementation of Asciidoctor.
When I include files under the source tree, I get the same error, the included file is not in the jail that jail being the output directory, not the source directory.
So I can't include diagrams that are in the same directory of the Adoc file, nor include source code even when it is in the subfolder of the folder containing the Adoc file.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mojavelinux @slonopotamus @coulas