Add os/posix-chroot

Gated in a similar manner to os/posix-fork.
2025-10-28 14:17:42 +00:00 · 2025-09-19 16:23:46 -05:00
parent 015e49c806
commit 357f1f94ca
3 changed files with 25 additions and 0 deletions
--- a/src/core/corelib.c
+++ b/src/core/corelib.c
@@ -746,6 +746,7 @@ typedef struct SandboxOption {

 static const SandboxOption sandbox_options[] = {
    {"all", JANET_SANDBOX_ALL},
+    {"chroot", JANET_SANDBOX_CHROOT},
    {"env", JANET_SANDBOX_ENV},
    {"ffi", JANET_SANDBOX_FFI},
    {"ffi-define", JANET_SANDBOX_FFI_DEFINE},
@@ -771,6 +772,7 @@ JANET_CORE_FN(janet_core_sandbox,
              "Disable feature sets to prevent the interpreter from using certain system resources. "
              "Once a feature is disabled, there is no way to re-enable it. Capabilities can be:\n\n"
              "* :all - disallow all (except IO to stdout, stderr, and stdin)\n"
+              "* :chroot - disallow calling `os/posix-chroot`\n"
              "* :env - disallow reading and write env variables\n"
              "* :ffi - disallow FFI (recommended if disabling anything else)\n"
              "* :ffi-define - disallow loading new FFI modules and binding new functions\n"
--- a/src/core/os.c
+++ b/src/core/os.c
@@ -1541,6 +1541,27 @@ JANET_CORE_FN(os_posix_fork,
 #endif
 }

+JANET_CORE_FN(os_posix_chroot,
+              "(os/posix-chroot dirname)",
+              "Call `chroot` to change the root directory to `dirname`. "
+              "Not supported on all systems (POSIX only).") {
+    janet_sandbox_assert(JANET_SANDBOX_CHROOT);
+    janet_fixarity(argc, 1);
+#ifdef JANET_WINDOWS
+    janet_panic("not supported on Windows");
+#else
+    const char *root = janet_getcstring(argv, 0);
+    int result;
+    do {
+        result = chroot(root);
+    } while (result == -1 && errno == EINTR);
+    if (result == -1) {
+        janet_panic(janet_strerror(errno));
+    }
+    return janet_wrap_nil();
+#endif
+}
+
 #ifdef JANET_EV
 /* Runs in a separate thread */
 static JanetEVGenericMessage os_shell_subr(JanetEVGenericMessage args) {
@@ -2849,6 +2870,7 @@ void janet_lib_os(JanetTable *env) {
        JANET_CORE_REG("os/touch", os_touch),
        JANET_CORE_REG("os/realpath", os_realpath),
        JANET_CORE_REG("os/cd", os_cd),
+        JANET_CORE_REG("os/posix-chroot", os_posix_chroot),
 #ifndef JANET_NO_UMASK
        JANET_CORE_REG("os/umask", os_umask),
 #endif
--- a/src/include/janet.h
+++ b/src/include/janet.h
@@ -1899,6 +1899,7 @@ JANET_API void janet_stacktrace_ext(JanetFiber *fiber, Janet err, const char *pr
 #define JANET_SANDBOX_FFI_USE 2048
 #define JANET_SANDBOX_FFI_JIT 4096
 #define JANET_SANDBOX_SIGNAL 8192
+#define JANET_SANDBOX_CHROOT 16384
 #define JANET_SANDBOX_FFI (JANET_SANDBOX_FFI_DEFINE | JANET_SANDBOX_FFI_USE | JANET_SANDBOX_FFI_JIT)
 #define JANET_SANDBOX_FS (JANET_SANDBOX_FS_WRITE | JANET_SANDBOX_FS_READ | JANET_SANDBOX_FS_TEMP)
 #define JANET_SANDBOX_NET (JANET_SANDBOX_NET_CONNECT | JANET_SANDBOX_NET_LISTEN)