unicorn Ruby/Rack server user+dev discussion/patches/pulls/bugs/help
* Re: tmpio.rb and taint mode
From: Eric Wong @ 2019-12-11 23:16 UTC
  To: Terry Scheingeld; +Cc: unicorn-public

Terry Scheingeld <tscheingeld32@gmail.com> wrote:
> tmpio.rb causes an "insecure operation" error when being run in taint
> mode. This is due not to a problem in tmpio.rb but in Ruby's File
> class. Here are the details on the problem and a simple workaround for
> it.
> 
> I filed this bug report in February 2018:
> https://bugs.ruby-lang.org/issues/14485. The problem is that when a
> File object is created using an untainted string for the path, File
> nevertheless changes that path to tainted. It is agreed that it's a
> bug: File should not taint an untainted path. However, efforts to fix
> the bug seem to have stalled out.
> 
> Now, in tmpio.rb, a random, untainted path is generated and stored in
> the Unicorn::TmpIO object. Then, a few lines later, the class attempts
> to unlink that file using the path stored in the object. Because of
> the bug in File, the path is now tainted, resulting in an insecure
> operation error.
> 
> I propose a simple workaround. Store the path in its own variable.
> Pass the variable to the Unicorn::TmpIO object, but use the original
> variable to unlink the file. This technique worked in experimentation
> for me. Here's a modified version of tmpio.rb.

Thanks for the analysis, explanation and fix.  I've made your
change into the patch + commit message below.

I had no idea unicorn or rack could work at all with tainting
enabled...  Was there anything else that was broken with
taint checks?

But AFAIK tainting is due to be removed in Ruby, soonish (I've
never used it in either Ruby or Perl5).

Anyways, I'll merge this into master soonish and hopefully get
some doc updates + release in a week or so...  Thanks again.

---------------8<-----------------
From: Terry Scheingeld <tscheingeld32@gmail.com>
Date: Wed, 11 Dec 2019 11:24:59 -0500
Subject: [PATCH] tmpio: workaround File#path being tainted on unlink

Ruby mistakenly taints the file path, causing File.unlink
to fail: https://bugs.ruby-lang.org/issues/14485

Work around the Ruby bug by keeping the path as a local
variable and passing that to File.unlink, instead of the
return value of File#path.

Link: https://bogomips.org/unicorn-public/CABg1sXrvGv9G6CDQxePDUqTe6N-5UpLXm7eG3YQO=dda-Cgg7A@mail.gmail.com/
---
 lib/unicorn/tmpio.rb | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/lib/unicorn/tmpio.rb b/lib/unicorn/tmpio.rb
index db88ed33..0bbf6ec5 100644
--- a/lib/unicorn/tmpio.rb
+++ b/lib/unicorn/tmpio.rb
@@ -11,12 +11,18 @@ class Unicorn::TmpIO < File
   # immediately, switched to binary mode, and userspace output
   # buffering is disabled
   def self.new
+    path = nil
+
+    # workaround File#path being tainted:
+    # https://bugs.ruby-lang.org/issues/14485
     fp = begin
-      super("#{Dir::tmpdir}/#{rand}", RDWR|CREAT|EXCL, 0600)
+      path = "#{Dir::tmpdir}/#{rand}"
+      super(path, RDWR|CREAT|EXCL, 0600)
     rescue Errno::EEXIST
       retry
     end
-    unlink(fp.path)
+
+    unlink(path)
     fp.binmode
     fp.sync = true
     fp
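Review bot: the `path = nil` added before `fp = begin` is redundant; `begin`/`rescue` does not open a new scope in Ruby, so the `path = "#{Dir::tmpdir}/#{rand}"` assignment inside the block is already visible at `unlink(path)`. Keep it only if it is meant to document that `path` outlives the retry loop, and in that case the extra blank line inserted before `unlink(path)` can go. The comment names what is being worked around but not what must be preserved: add a line saying that `unlink` must keep using the local `path` rather than `fp.path`, so a later cleanup does not switch back to `unlink(fp.path)` and reintroduce the insecure-operation failure under taint mode.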


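The create-then-unlink temporary file pattern that tmpio.rb relies on, together with the unlink-by-local-variable workaround discussed in this thread, as an added example that is not unicorn's own code. It uses SecureRandom where tmpio.rb uses `rand`, and the `namer` parameter is a hypothetical hook added here only so the EEXIST retry can be driven deterministically; the test-style checks at the bottom of `demo` are constructed for this example.

```ruby
require 'tmpdir'
require 'securerandom'

# Added example, not unicorn's own code: the create-then-unlink temp file
# pattern that Unicorn::TmpIO.new uses, written so the EEXIST retry and
# the unlink-by-local-variable workaround from the thread can be exercised.
module TmpIOExample
  # Returns an open File whose directory entry has already been removed.
  # CREAT|EXCL makes open fail with EEXIST if the name already exists
  # (including a symlink planted at that name), so we generate another
  # name and retry instead of following or truncating anything; 0600 keeps
  # the data owner-only for the moment the name exists on disk.
  #
  # `namer` is a hypothetical hook for this example: it returns the next
  # candidate basename. The default mirrors tmpio.rb's random name, using
  # SecureRandom where tmpio.rb uses rand.
  def self.open_anonymous(dir = Dir.tmpdir, namer = nil)
    namer ||= -> { "tmpio-#{SecureRandom.hex(8)}" }
    path = nil
    fp = begin
      path = File.join(dir, namer.call)
      File.new(path, File::RDWR | File::CREAT | File::EXCL, 0600)
    rescue Errno::EEXIST
      retry
    end
    # Unlink via the local we built, not fp.path: under taint mode the
    # string returned by File#path comes back tainted even though the one
    # we passed in was not (https://bugs.ruby-lang.org/issues/14485).
    File.unlink(path)
    fp.binmode
    fp.sync = true
    fp
  end

  # Round-trips a payload through an anonymous temp file inside a private
  # scratch directory and reports what was left on disk.
  def self.demo
    Dir.mktmpdir('tmpio-example') do |d|
      fp = open_anonymous(d)
      leftover = Dir.children(d)        # [] if the unlink worked
      fp.write('hello')
      fp.rewind
      data = fp.read
      perms = fp.stat.mode & 0777        # fstat still works on an unlinked file
      fp.close
      { data: data, leftover: leftover, group_other_bits: perms & 0077 }
    end
  end
end

puts TmpIOExample.demo.inspect if $0 == __FILE__
```

Because the name is removed as soon as the descriptor is open, nothing stays behind if the process is killed, and a second process that already owns the chosen name only causes a retry rather than a truncated or followed file.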
* [PATCH 3/3] doc updates
  (in reply to: [PATCH 0/3] last updates before 5.0 release)
From: Eric Wong @ 2015-11-01  8:37 UTC
  To: unicorn-public; +Cc: Eric Wong

ISSUES: note images are considered spam as well as HTML.

Links: Clarify we may only endorse the Free versions of nginx, not the
non-Free versions.

Add a link to Starman as a unicorn derivative, as I even use Starman
myself.  Remove yahns, since it's really the complete opposite of
unicorn and probably not appropriate to place next to Starman and
gunicorn.
---
 ISSUES | 2 +-
 Links  | 7 ++++---
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/ISSUES b/ISSUES
index 7c91555..394c852 100644
--- a/ISSUES
+++ b/ISSUES
@@ -9,7 +9,7 @@ submit patches and/or obtain support after you have searched the
 * Cc: all participants in a thread or commit, as subscription is optional
 * Do not {top post}[http://catb.org/jargon/html/T/top-post.html] in replies
 * Quote as little as possible of the message you're replying to
-* Do not send HTML mail, it will be flagged as spam
+* Do not send HTML mail or images, it will be flagged as spam
 * Anonymous and pseudonymous messages will always be welcome.
 * The email submission port (587) is enabled on the bogomips.org MX:
   http://bogomips.org/unicorn-public/20141004232241.GA23908@dcvr.yhbt.net/t/
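Review bot: in the added line `* Do not send HTML mail or images, it will be flagged as spam`, the subject is now plural, so `it will be flagged` should read `they will be flagged` (or `either will be flagged`).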
diff --git a/Links b/Links
index 16c9467..6474a9d 100644
--- a/Links
+++ b/Links
@@ -37,14 +37,15 @@ or services behind them.
 * {Ruby}[https://www.ruby-lang.org/en/] - the programming language of
   Rack and unicorn
 
-* {nginx}[http://nginx.org/] - the reverse proxy for use with unicorn
+* {nginx}[http://nginx.org/] (Free versions) -
+  the reverse proxy for use with unicorn
 
 === Derivatives
 
 * {Green Unicorn}[http://gunicorn.org/] - a Python version of unicorn
 
-* {yahns}[http://yahns.yhbt.net/] - the complete opposite of unicorn in
-  every imaginable way.  Designed for energy efficiency on idle sites.
+* {Starman}[http://search.cpan.org/dist/Starman/] - Plack/PSGI version
+  of unicorn
 
 === Prior Work
 
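Review bot: the new Starman entry links to `http://search.cpan.org/dist/Starman/` over plain http while the neighbouring Ruby entry in the same list uses https; prefer an https URL so readers are not sent over cleartext. The `(Free versions)` qualifier added to the nginx line is also terse for anyone who has not read the commit message; a few more words stating that the non-Free builds are not endorsed would make the distinction clear on the page itself.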
-- 
EW


* Re: [ANN] unicorn 4.8.0.pre1 prerelease gem
From: Eric Wong @ 2014-01-09 21:50 UTC
  To: mongrel-unicorn

Eric Wong <normalperson@yhbt.net> wrote:
>       tests: fix SO_REUSEPORT tests for old Linux and non-Linux
>       stream_input: avoid IO#close on client disconnect
>       t0300: kill off stray processes in test
>       always write PID file early for compatibility
>       doc: clarify SIGNALS and reference init example
>       rework master-to-worker signaling to use a pipe

Btw, has anybody tried this?  I haven't noticed any issues, and I'm
thinking about releasing this as 4.8.0 as-is (with some minor doc
updates)
_______________________________________________
Unicorn mailing list - mongrel-unicorn@rubyforge.org
http://rubyforge.org/mailman/listinfo/mongrel-unicorn
Do not quote signatures (like this one) or top post when replying

* [PATCH 0/3] last updates before 5.0 release
From: Eric Wong @ 2015-11-01  8:37 UTC
  To: unicorn-public

Nothing significant...

Eric Wong (3):
      golf down conditional for socket activation
      gemspec: relax Ruby version requirement for old RubyGems
      doc updates

 ISSUES                     |  2 +-
 Links                      |  7 ++++---
 lib/unicorn/http_server.rb |  2 +-
 unicorn.gemspec            | 12 ++++++++++--
 4 files changed, 16 insertions(+), 7 deletions(-)


* [ANN] unicorn 5.5.1 - Rack HTTP server for fast clients and
From: Eric Wong @ 2019-05-06  6:50 UTC
  To: ruby-talk, unicorn-public; +Cc: Jeremy Evans, Stan Pitucha, Stephen Demjanenko

unicorn is an HTTP server for Rack applications designed to only serve
fast clients on low-latency, high-bandwidth connections and take
advantage of features in Unix/Unix-like kernels.  Slow clients should
only be served by placing a reverse proxy capable of fully buffering
both the request and response in between unicorn and slow clients.

Disclaimer:

Due to its ability to tolerate crashes and isolate clients, unicorn
is unfortunately known to prolong the existence of bugs in applications
and libraries which run on top of it.

* https://bogomips.org/unicorn/
* public list: unicorn-public@bogomips.org
* mail archives: https://bogomips.org/unicorn-public/
* git clone https://bogomips.org/unicorn.git
* https://bogomips.org/unicorn/NEWS.atom.xml
* nntp://news.public-inbox.org/inbox.comp.lang.ruby.unicorn

This release fixes and works around issues from v5.5.0 (2019-03-04)

Stephen Demjanenko worked around a pipe resource accounting bug
present in old Linux kernels.  Linux 3.x users from 3.16.57 and
on are unaffected.  Linux 4.x users from 4.9 and on are
unaffected.

https://bogomips.org/unicorn-public/1556922018-24096-1-git-send-email-sdemjanenko@gmail.com/

Stan Pitucha reported a bug with the old `unicorn_rails' wrapper
(intended for Rails 2.x users) which was promptly fixed by
Jeremy Evans:

https://bogomips.org/unicorn-public/CAJ2_uEPifcv_ux4sX=t0C4zHTHGhqVfcLcSB2kTU3Rb_6pQ3nw@mail.gmail.com/

There are also some doc updates to warn users off `unicorn_rails';
the homepage is now energy-efficient for OLEDs and CRTs;
and I'm no longer advertising mailing list subscriptions
(because I hate centralization and mail archives are the priority)

Eric Wong (3):
      doc: unicorn_rails: clarify that it is intended for rails <= 2.x
      doc: stop advertising mailing list subscription
      doc: switch homepage to dark216

Jeremy Evans (1):
      unicorn_rails: fix regression with Rails >= 3.x in app build

Stephen Demjanenko (1):
      Rescue failed pipe resizes due to permissions

havpbea: orngvat n qrnq ubefr hagvy gur fgvpx trgf fghpx va vg'f fxhyy

* [ANN] unicorn 1.1.4 - small bug fix and doc updates
From: Eric Wong @ 2010-10-04 20:37 UTC
  To: mongrel-unicorn

Changes:

We no longer unlink actively listening sockets upon startup
(but continue to unlink dead ones).  This bug could trigger
downtime and nginx failures if a user makes an error and
attempts to start Unicorn while it is already running.

Thanks to Jordan Ritter for the detailed bug report leading to
this fix.

ref: http://mid.gmane.org/8D95A44B-A098-43BE-B532-7D74BD957F31@darkridge.com

There are also minor documentation and test updates pulled in
from master.  This is hopefully the last bugfix release of the
1.1.x series.

* http://unicorn.bogomips.org/
* mongrel-unicorn@rubyforge.org
* git://git.bogomips.org/unicorn.git

-- 
Eric Wong


* [ANN] unicorn 6.1.0 - Rack HTTP server for fast clients and *nix
From: Eric Wong @ 2021-12-25 18:06 UTC
  To: ruby-talk, unicorn-public

unicorn is an HTTP server for Rack applications designed to only serve
fast clients on low-latency, high-bandwidth connections and take
advantage of features in Unix/Unix-like kernels.  Slow clients should
only be served by placing a reverse proxy capable of fully buffering
both the request and response in between unicorn and slow clients.

Disclaimer:

Due to its ability to tolerate crashes and isolate clients, unicorn
is unfortunately known to prolong the existence of bugs in applications
and libraries which run on top of it.

Consider this just an announcement to inform existing users of a
new version, not something to convince you to switch to something
that set the entire Ruby world back decades in terms of concurrency.

Note:
.onion URLs below are available for Tor users and can reduce
our operating costs:

* https://yhbt.net/unicorn/
  http://unicorn.7fh6tueqddpjyxjmgtdiueylzoqt6pt7hec3pukyptlmohoowvhde4yd.onion/
* public list: unicorn-public@yhbt.net
* mail archives: https://yhbt.net/unicorn-public/
  http://7fh6tueqddpjyxjmgtdiueylzoqt6pt7hec3pukyptlmohoowvhde4yd.onion/unicorn-public/
* git clone https://yhbt.net/unicorn.git
  torsocks git clone http://7fh6tueqddpjyxjmgtdiueylzoqt6pt7hec3pukyptlmohoowvhde4yd.onion/unicorn.git
* https://yhbt.net/unicorn/NEWS.atom.xml
  http://unicorn.7fh6tueqddpjyxjmgtdiueylzoqt6pt7hec3pukyptlmohoowvhde4yd.onion/NEWS.atom.xml
* nntps://news.public-inbox.org/inbox.comp.lang.ruby.unicorn
  nntp://7fh6tueqddpjyxjmgtdiueylzoqt6pt7hec3pukyptlmohoowvhde4yd.onion/inbox.comp.lang.ruby.unicorn
  imaps://yhbt.net/inbox.comp.lang.ruby.unicorn.0
  imap://7fh6tueqddpjyxjmgtdiueylzoqt6pt7hec3pukyptlmohoowvhde4yd.onion/inbox.comp.lang.ruby.unicorn.0

Changes:

    This release reduces CPU usage for Linux 4.5+ in most cases.
    See "[PATCH 6/6] use EPOLLEXCLUSIVE on Linux 4.5+" for more details:
      https://yhbt.net/unicorn-public/20211001030923.26705-7-bofh@yhbt.net/

    There's a couple of updates for Ruby 3.1, but we've finally
    started relying on Ruby 2.0.0 features after 9 years :P
    (so Ruby 1.9.3 users are stuck with older versions).

    And the usual round of doc updates and some build speedups.

    13 changes by the Bozo Doofus maintainer since v6.0.0:

          test_util: less excessive encoding tests
          drop Ruby 1.9.3 support, require 2.0+ for now
          drop unnecessary IO#close_on_exec=true assignment
          extconf.rb: get rid of unnecessary checks
          makefile: reduce unnecessary rebuilds
          HACKING: drop outdated information about pandoc
          http_server: get rid of Process.ppid check
          worker_loop: get rid of select() avoidance hack
          use EPOLLEXCLUSIVE on Linux 4.5+
          allow Ruby to deduplicate remaining globals
          epollexclusive: remove rb_gc_force_recycle call
          drop Ruby version warning, fix speling errer
          doc: v3 .onion updates, nntp => nntps, minor wording changes

* [ANN] unicorn 4.2.1 - minor fix and doc updates
From: Eric Wong @ 2012-03-26 21:45 UTC
  To: mongrel-unicorn

Changes:

* Stale pid files are detected if a pid is recycled by processes
  belonging to another user, thanks to Graham Bleach.
* nginx example config updates thanks to Eike Herzbach.
* KNOWN_ISSUES now documents issues with apps/libs that install
  conflicting signal handlers.

* http://unicorn.bogomips.org/
* mongrel-unicorn@rubyforge.org
* git://bogomips.org/unicorn.git
* http://unicorn.bogomips.org/NEWS.atom.xml
