handle comutations in subdirs of the git repository
Eg, a computation might be run in "foo/" and refer to "../bar" as an input or output. So, the subdir is part of the computation state. Also, prevent input or output of files that are outside the git repository. Of course, the program can access any file on disk if it wants to; this is just a guard against mistakes. And it may also be useful if the program comunicates with something less trusted than it, eg a container image, so input/output files communicated by that are not the source of security problems.
This commit is contained in:
parent
ce05a92ee7
commit
2e1fe1620e
4 changed files with 81 additions and 39 deletions
|
@ -26,7 +26,9 @@ For security, the program should avoid exposing user input to the shell
|
|||
unprotected, or otherwise executing it.
|
||||
|
||||
The program is run in a temporary directory, which will be cleaned up after
|
||||
it exits.
|
||||
it exits. Note that it may be run in a subdirectory of its temporary
|
||||
directory. Eg, when `git-annex addcomputed` is run in a `foo/bar/`
|
||||
subdirectory of the git repository.
|
||||
|
||||
The content of any annexed file in the repository can be an input
|
||||
to the computation. The program requests an input by writing a line to
|
||||
|
@ -93,10 +95,10 @@ An example `git-annex-compute-foo` shell script follows:
|
|||
echo "Usage: convert input output [passes=n]" >&2
|
||||
exit 1
|
||||
fi
|
||||
if [ -z "$ANNEX_COMPUTE_passes" ];
|
||||
if [ -z "$ANNEX_COMPUTE_passes" ]; then
|
||||
ANNEX_COMPUTE_passes=1
|
||||
fi
|
||||
echo "INPUT "$2"
|
||||
echo "INPUT $2"
|
||||
read input
|
||||
echo "OUTPUT $3"
|
||||
echo REPRODUCIBLE
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue