Re: [RFC] searchview: don't be too verbose about bad queries

[Eric Wong <e@80x24.org>]

Ali Alnubani <alialnu@mellanox.com> wrote:
> > -----Original Message-----
> > From: Eric Wong <e@80x24.org>
> > Sent: Tuesday, June 11, 2019 10:38 PM
> > To: meta@public-inbox.org
> > Cc: Ali Alnubani <alialnu@mellanox.com>
> > Subject: [RFC] searchview: don't be too verbose about bad queries
> > 
> > Ali sent this privately to me as a potential security issue.
> > I am not a security expert and I certainly don't consider this a big enough
> > problem to discuss privately...
> > 
> > The potential issue is exposing path names of Xapian installs.
> > 
> > I figure installation paths of open source software (particularly with FHS / LSB
> > systems) is well-standardized to the point that it's pointless to obscure or
> > obfuscate anyways.
> They are standardized for system-wide installations. But having perl libs/modules/binaries
> installed per user or on non-default paths could expose some private info, including usernames
> for example, making those system users subject to some attacks.

Fair point.

Maybe a reverse-mapping of %INC can be used to translate the
full path to the short path name (e.g. "Xapian/Enquire.pm")

Something like the following (totally untested):

	# global
	my %rmap_inc = map { "$INC{$_}" => $_ } keys %INC;

	# in err_txt:
	$err =~ s!\b(\S+)\b!
		my $full = $1;
		if (-e $full) {
			my $short = $rmap_inc{$full};
			unless (defined $short) {
				# rebuild rmap in case new modules were loaded
				%rmap_inc = map { "$INC{$_}" => $_ } keys %INC;
			}

			# fall back to basename as last resort
			$short = $rmap_inc{$full} // ((split('/', $full))[-1];
		} else {
			$full;
		}
	!sge;