Check for open_basedir before reading /proc #37959
Conversation
szaimen
requested review from
a team,
ArtificialOwl,
icewind1991,
blizzz and
kesselb
and removed request for
a team
lib/private/Preview/Generator.php
Outdated
| $width = is_readable('/proc/cpuinfo') ? substr_count(file_get_contents('/proc/cpuinfo'), 'processor') : 0; | ||
| } else { | ||
| $openBasedirPaths = explode(':', $openBasedir); | ||
| foreach ($openBasedirPaths as $path) { |
There was a problem hiding this comment.
It should also work to use strpos /proc and strpos /proc/cpuinfo on openbasedir without the explode 🤔
There was a problem hiding this comment.
I was wrong. To check properly for /proc and/or /proc/cpuinfo we indeed need to iterate over the entries and make sure to detect if the whole folder is allowed.
|
I think we should remove getHardwareConcurrency and use a sane default. A hint for Every time a generator instance is loaded, we fetch /proc/cpuinfo to use the number of processor as default value. I think this is unnecessary. We don't support FreeBSD. But TrueNAS which is based on FreeBSD. On FreeBSD /proc/cpuinfo is not available. We need a different way to retrieve the processors: https://github.com/nextcloud/serverinfo/blob/1146b21d13073c5e8799eb707096d12b5f682026/lib/OperatingSystems/FreeBSD.php#L81 My recommendation is to keep it simple. |
|
This whole section of code The overall generator CPU balancing feature is sound, but the code elsewhere within it could use some refactoring. The only reason the open_basedir trigger in this issue can't easily be headed off by the admin simply configuring the I also wouldn't bother with trying to process the contents of the open_basedir if it's found. I'd just fall back to the sane defaults (which the admin can still override if they wish as currently coded). Plus even after parsing open_basedir the processing of /proc could still fail for other reasons (like different OSes as @kesselb noted). That said, K.I.S.S. - and rather than submitting a competing PR - here's the quick and dirty path I suggest until a more extensive refactor can happen: |
|
I agree that simplication is (almost) ALWAYS the way to go, but this PR is only about open_basedir error suppression, nothing more. Feel free to submit a proper PR to simplify the whole thing or complete the actual checks for all OSes. |
There was a problem hiding this comment.
Seems okay to me. Achieves the primary aim: allow some folks to add it to their open_basedir, but if they can't (or don't) it'll fall through to the defaults while still also permitting an explicit override to more appropriate local parameters by way of the preview_concurrency_* config parameters. And all without erroring out.
There are still some edge cases like if open_basedir = "/tmp:/home/user:/proc" which technically does permit cpuinfo access but would still fail this test, but given the above I don't think that matters nor is worth complicating the code further (plus it'd be sort of weird to lock things down with open_basedir yet then open up all of /proc IMO, but I've seen loads of weird things in the wild hah).
|
Could this work?: public static function getHardwareConcurrency(): int { This first checks if the nproc function is available. If it is, it uses nproc to determine the hardware concurrency. If nproc is not available and the operating system is Linux, it uses the sysctl approach to query the number of CPU cores. If neither method is available or if the code is running on a platform other than Linux, it sets the hardware concurrency to 0. Just my ¢2 |
AndyScherzinger
force-pushed
the
ob-proc
branch
from
0cf5add
to
6e7c5ad
Compare
Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
|
/backport to stable27 |
Summary
Check if
open_basediris set. If yes and is restrictive, or if can't be determined, set it to0.Checklist