Fedora just updated to asciidoc-8.4.5 in rawhide and I'm having
trouble using it to build the git documentation. I get:

ERROR: unsafe: include file: /etc/asciidoc/./stylesheets/xhtml11.css
ERROR: unsafe: include file: /etc/asciidoc/./stylesheets/xhtml11-manpage.css
ERROR: unsafe: include file: /etc/asciidoc/./stylesheets/xhtml11-quirks.css

I found commit fa6db1ff4369, which fixed a similar problem. In that
case, /etc was a symlink to /private/etc. In the Fedora packages,
most of the installation is in /usr/share/asciidoc, with only the
actual conf files in /etc/asciidoc. The stylesheets dir is symlinked
from /usr/share/asciidoc to /etc/asciidoc.
This causes the os.path.commonprefix test to fail in file_in, because
it calls os.path.realpath on directory (/etc/asciidoc), which doesn't
change, and then on fname (/etc/asciidoc/./stylesheets/xhtml11.css),
which is canonicalized to /usr/share/asciidoc/stylesheets/xhtml11.css.
I filed a bug in the redhat.com bugzilla which has links to the failed
git build and a hackish patch to fix the git build (but which could
break other things and is unlikely to be a suitable solution to be
applied to asciidoc's repo).
Does anyone have suggestions on how to properly fix this?
(Incidentally, I think it might be worth calling os.path.normpath in
safe_filename() to strip out the ./ in /etc/asciidoc/./stylesheets.
Attached is a patch to do so. Feel free to use or not. :)
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
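
Added example (not part of the original messages and not asciidoc's own code): a reconstruction of the check described in the post above, run against a constructed temp-directory copy of the Fedora layout. `file_in` follows the post's description; `file_in_lexical`, `build_layout` and `demo` are hypothetical helpers, and the lexical variant is included only to show that a text-only comparison accepts the path because it never looks at where the symlink points.

```python
import os
import tempfile

def file_in(fname, directory):
    """Containment test as described in the post: resolve both, compare prefixes."""
    directory = os.path.realpath(directory)
    fname = os.path.realpath(fname)
    return os.path.commonprefix((directory, fname)) == directory

def file_in_lexical(fname, directory):
    """Hypothetical variant: normalizes the text only, never follows symlinks.
    commonpath compares whole path components rather than characters."""
    directory = os.path.abspath(directory)
    fname = os.path.abspath(fname)
    return os.path.commonpath((directory, fname)) == directory

def build_layout(root):
    """Constructed layout: <root>/etc/asciidoc/stylesheets is a symlink
    into <root>/usr/share/asciidoc, mirroring the packaging in the post."""
    share = os.path.join(root, "usr", "share", "asciidoc", "stylesheets")
    conf = os.path.join(root, "etc", "asciidoc")
    os.makedirs(share)
    os.makedirs(conf)
    with open(os.path.join(share, "xhtml11.css"), "w") as f:
        f.write("/* constructed sample */\n")
    os.symlink(share, os.path.join(conf, "stylesheets"))
    return conf

def demo():
    with tempfile.TemporaryDirectory() as root:
        conf = build_layout(root)
        fname = conf + "/./stylesheets/xhtml11.css"
        share_real = os.path.realpath(os.path.join(root, "usr", "share"))
        return {
            # realpath moves fname out of conf, so the prefix test fails
            "realpath_check": file_in(fname, conf),
            # normpath strips the "./" but the symlink still resolves away
            "normpath_then_check": file_in(os.path.normpath(fname), conf),
            # text-only comparison passes; it would also pass for a symlink
            # pointing anywhere else on disk
            "lexical_check": file_in_lexical(fname, conf),
            "resolved_under_share": os.path.realpath(fname).startswith(share_real),
        }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
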
Thanks for your clear description of the problem, Todd. Personally my
"fix" would be to get rid of the --unsafe option altogether, it just
gets in the way of the user and muddies the code. How many people out
there actually find the --unsafe option useful?
I recently put this work-around in the FAQ:
> (Incidentally, I think it might be worth calling os.path.normpath in
> safe_filename() to strip out the ./ in /etc/asciidoc/./stylesheets.
> Attached is a patch to do so. Feel free to use or not. :)
I've added your patch (did it manually, the attachment was encrypted):
We have asciidoc 8.4.1 installed via yum on a shared CentOS 5.2 server.
We are hit by the same 'unsafe include' bug with the CentOS RPM
> Personally my
> "fix" would be to get rid of the --unsafe option altogether, it just
> gets in the way of the user and muddies the code. How many people out
> there actually find the --unsafe option useful?
I would definitely vote for its removal.
As the asciidoc 'champion' here I have to make sure everyone knows the
workaround (adding --unsafe or setting up aliases).
I don't quite get the point of the 'unsafe' option; AFAICS as long as
asciidoc isn't installed with SUID then why not just let the user
include any files and run any commands that they have permission to?
BTW, generally asciidoc is very useful and the take-up here has been
good; we are now using it for a large proportion of internal developer