Added safe_open that can create file descriptors (!85) · Merge requests · portmod / Portmod

Benjamin Winger requested to merge bmwinger/portmod:sandbox_open into master Jul 30, 2019

As a follow-up to the recently merged sandbox changes, I realized we provided no safe way of reading files directly (necessary for parsing json etc. where the functions expect a file descriptor or a string). This implements open using the io_guard wrappers to ensure that it isn't called in an unsafe manner. I've also added a few other missing builtins such as list, set and frozenset.

TODO: Tests!

Should test both reading and writing in the different contexts (global scope, src_unpack/can_update_live, src_prepare/src_install).

Edited Jul 30, 2019 by Benjamin Winger

Added safe_open that can create file descriptors

Merge request reports