Spurious unsafe include errors?

Todd Zullinger

Jun 19, 2009, 8:24:26 PM
to asci...@googlegroups.com
Hi,

Fedora just updated to asciidoc-8.4.5 in rawhide and I'm having
trouble using it to build the git documentation. I get:

ERROR: unsafe: include file: /etc/asciidoc/./stylesheets/xhtml11.css
ERROR: unsafe: include file: /etc/asciidoc/./stylesheets/xhtml11-manpage.css
ERROR: unsafe: include file: /etc/asciidoc/./stylesheets/xhtml11-quirks.css

I found commit fa6db1ff4369, which fixed a similar problem. In that
case, /etc was a symlink to /private/etc. In the Fedora packages,
most of the installation is in /usr/share/asciidoc, with only the
actual conf files in /etc/asciidoc. The stylesheets dir is symlinked
from /usr/share/asciidoc to /etc/asciidoc.

This causes the os.path.commonprefix test to fail in file_in, because
it calls os.path.realpath on directory (/etc/asciidoc), which doesn't
change and then on fname (/etc/asciidoc/./stylesheets/xhtml11.css),
which is canonicalized to /usr/share/asciidoc/stylesheets/xhtml11.css.

I filed a bug in the redhat.com bugzilla which has links to the failed
git build and a hackish patch to fix the git build (but which could
break other things and is unlikely to be a suitable solution to be
applied to asciidoc's repo).

Does anyone have suggestions on how to properly fix this?

(Incidentally, I think it might be worth calling os.path.normpath in
safe_filename() to strip out the ./ in /etc/asciidoc/./stylesheets.
Attached is a patch to do so. Feel free to use or not. :)

--
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Going to trial with a lawyer who considers your whole life-style a
Crime in Progress is not a happy prospect.
-- Hunter S. Thompson
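
The failure analysed in the post above, reproduced as an added example (not asciidoc's own code and not part of the original thread). `file_in_described` is a reconstruction from the post's description, the temporary directory layout is constructed, and `file_in_component` plus the sibling-directory case go beyond the post to show that `os.path.commonprefix` compares characters rather than path components.

```python
import os
import tempfile


def file_in_described(fname, directory):
    """Containment test as the post describes it (reconstruction, an assumption):
    realpath both arguments, then compare with os.path.commonprefix."""
    directory = os.path.realpath(directory)
    fname = os.path.realpath(fname)
    return os.path.commonprefix((directory, fname)) == directory


def file_in_component(fname, directory):
    """Hypothetical variant: same resolution, compared per path component."""
    directory = os.path.realpath(directory)
    fname = os.path.realpath(fname)
    return os.path.commonpath((directory, fname)) == directory


def build_layout(root):
    """Constructed layout mirroring the packaging in the post: conf files in
    etc/asciidoc, stylesheets symlinked there from usr/share/asciidoc."""
    share = os.path.join(root, "usr", "share", "asciidoc")
    conf = os.path.join(root, "etc", "asciidoc")
    sibling = os.path.join(root, "etc", "asciidoc-other")  # shares a string prefix
    os.makedirs(os.path.join(share, "stylesheets"))
    os.makedirs(conf)
    os.makedirs(sibling)
    open(os.path.join(share, "stylesheets", "xhtml11.css"), "w").close()
    open(os.path.join(sibling, "x.css"), "w").close()
    os.symlink(os.path.join(share, "stylesheets"),
               os.path.join(conf, "stylesheets"))
    return conf, share, sibling


def demo():
    with tempfile.TemporaryDirectory() as root:
        conf, share, sibling = build_layout(root)
        include = os.path.join(conf, ".", "stylesheets", "xhtml11.css")
        outside = os.path.join(sibling, "x.css")
        return {
            # realpath follows the symlink out of conf: the spurious error
            "include_in_conf": file_in_described(include, conf),
            "include_in_share": file_in_described(include, share),
            # character-wise prefix accepts a sibling directory
            "sibling_by_prefix": file_in_described(outside, conf),
            "sibling_by_component": file_in_component(outside, conf),
            # normpath only tidies the string; it does not resolve symlinks
            "normalized": os.path.normpath(
                "/etc/asciidoc/./stylesheets/xhtml11.css"),
        }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```
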

Stuart Rackham

Jun 28, 2009, 6:34:00 PM
to asci...@googlegroups.com
Todd Zullinger wrote:
> Hi,
>
> Fedora just updated to asciidoc-8.4.5 in rawhide and I'm having
> trouble using it to build the git documentation. I get:
>
> ERROR: unsafe: include file: /etc/asciidoc/./stylesheets/xhtml11.css
> ERROR: unsafe: include file: /etc/asciidoc/./stylesheets/xhtml11-manpage.css
> ERROR: unsafe: include file: /etc/asciidoc/./stylesheets/xhtml11-quirks.css
>
> I found commit fa6db1ff4369, which fixed a similar problem. In that
> case, /etc was a symlink to /private/etc. In the Fedora packages,
> most of the installation is in /usr/share/asciidoc, with only the
> actual conf files in /etc/asciidoc. The stylesheets dir is symlinked
> from /usr/share/asciidoc to /etc/asciidoc.
>
> This causes the os.path.commonprefix test to fail in file_in, because
> it calls os.path.realpath on directory (/etc/asciidoc), which doesn't
> change and then on fname (/etc/asciidoc/./stylesheets/xhtml11.css),
> which is canonicalized to /usr/share/asciidoc/stylesheets/xhtml11.css.
>
> I filed a bug in the redhat.com bugzilla which has links to the failed
> git build and a hackish patch to fix the git build (but which could
> break other things and is unlikely to be a suitable solution to be
> applied to asciidoc's repo).
>
> Does anyone have suggestions on how to properly fix this?

Thanks for your clear description of the problem, Todd. Personally my
"fix" would be to get rid of the --unsafe option altogether; it just
gets in the way of the user and muddies the code. How many people out
there actually find the --unsafe option useful?

I recently put this work-around in the FAQ:
http://www.methods.co.nz/asciidoc/faq.html#_the_asciidoc_unsafe_option_is_a_pain_can_it_be_enabled_by_default


>
> (Incidentally, I think it might be worth calling os.path.normpath in
> safe_filename() to strip out the ./ in /etc/asciidoc/./stylesheets.
> Attached is a patch to do so. Feel free to use or not. :)

I've added your patch (did it manually, the attachment was encrypted):
http://hg.sharesource.org/asciidoc/rev/aae9af8655c7


Cheers, Stuart

Sam Elstob

Jun 29, 2009, 5:02:27 AM
to asci...@googlegroups.com

Stuart Rackham wrote:
>> Fedora just updated to asciidoc-8.4.5 in rawhide and I'm having
>> trouble using it to build the git documentation. I get:
>>
>> ERROR: unsafe: include file: /etc/asciidoc/./stylesheets/xhtml11.css
>> ERROR: unsafe: include file: /etc/asciidoc/./stylesheets/xhtml11-manpage.css
>> ERROR: unsafe: include file: /etc/asciidoc/./stylesheets/xhtml11-quirks.css
>>

We have asciidoc 8.4.1 installed via yum on a shared CentOS 5.2 server.

We are hit by the same 'unsafe include' bug with the CentOS RPM.

> Personally my
> "fix" would be to get rid of the --unsafe option altogether, it just
> gets in the way of the user and muddies the code. How many people out
> there actually find the --unsafe option useful?
>

I would definitely vote for its removal.

As the asciidoc 'champion' here I have to make sure everyone knows the
workaround (adding --unsafe or setting up aliases).

I don't quite get the point of the 'unsafe' option; AFAICS as long as
asciidoc isn't installed with SUID then why not just let the user
include any files and run any commands that they have permission to.

BTW, generally asciidoc is very useful and the take-up here has been
good; we are now using it for a large proportion of internal developer
documentation.

Regards

Sam Elstob
Product Developer
Triometric

e: sam.e...@triometric.net
w: http://www.triometric.net

Orchard Building, Royal Holloway, Egham, Surrey TW20 0EX UK
Triometric is the trading name of Hypertrak Limited.
Registered in England and Wales No. 3893713, VAT 727292030
