-
Notifications
You must be signed in to change notification settings - Fork 30.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
doc,test: add known path resolution issue in permission model
As a side effect of 205f1e6, Node.js now resolves some paths differently when the permission model is enabled. While these are mostly edge cases, they are worth mentioning in the documentation. This commit also adds a known_issues test that demonstrates one such difference. PR-URL: #49155 Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
- Loading branch information
1 parent
40e9fcd
commit f45c8e1
Showing
2 changed files
with
48 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
46 changes: 46 additions & 0 deletions
46
test/known_issues/test-permission-model-path-resolution.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
'use strict'; | ||
|
||
// The permission model resolves paths to avoid path traversals, but in doing so | ||
// it potentially interprets paths differently than the operating system would. | ||
// This test demonstrates that merely enabling the permission model causes the | ||
// application to potentially access a different file than it would without the | ||
// permission model. | ||
|
||
const common = require('../common'); | ||
|
||
const assert = require('assert'); | ||
const { execFileSync } = require('child_process'); | ||
const { mkdirSync, symlinkSync, writeFileSync } = require('fs'); | ||
const path = require('path'); | ||
|
||
if (common.isWindows) | ||
assert.fail('not applicable to Windows'); | ||
|
||
const tmpdir = require('../common/tmpdir'); | ||
tmpdir.refresh(); | ||
|
||
const a = path.join(tmpdir.path, 'a'); | ||
const b = path.join(tmpdir.path, 'b'); | ||
const c = path.join(tmpdir.path, 'c'); | ||
const d = path.join(tmpdir.path, 'c/d'); | ||
|
||
writeFileSync(a, 'bad'); | ||
symlinkSync('c/d', b); | ||
mkdirSync(c); | ||
mkdirSync(d); | ||
writeFileSync(path.join(c, 'a'), 'good'); | ||
|
||
function run(...args) { | ||
const interestingPath = `${tmpdir.path}/b/../a`; | ||
args = [...args, '-p', `fs.readFileSync(${JSON.stringify(interestingPath)}, 'utf8')`]; | ||
return execFileSync(process.execPath, args, { encoding: 'utf8' }).trim(); | ||
} | ||
|
||
// Because this is a known_issues test, we cannot assert any assumptions besides | ||
// the known issue itself. Instead, do a sanity check and report success if the | ||
// sanity check fails. | ||
if (run() !== 'good') { | ||
process.exit(0); | ||
} | ||
|
||
assert.strictEqual(run('--experimental-permission', `--allow-fs-read=${tmpdir.path}`), 'good'); |