tree: b6f83866d3d5c090bf5f19410f9b6e9cf468be6d
  1. BUILD.gn
  2. DIR_METADATA
  3. grammar.cc
  4. grammar.h
  5. main.cc
  6. OWNERS
  7. parser.cc
  8. parser.h
  9. parser_fuzzer.cc
  10. parser_test.cc
  11. process_launcher.cc
  12. process_launcher.h
  13. process_launcher_test.cc
  14. README.md
  15. scanner.cc
  16. scanner.h
  17. scanner_test.cc
  18. shell.cc
  19. shell.h
  20. shell_test.cc
  21. verifier.cc
  22. verifier.h
  23. verifier_test.cc
foomatic_shell/README.md

foomatic_shell: mini-shell used by foomatic-rip

This is a simple mini-shell that is used by foomatic-rip to execute small scripts included in some PPD files.

Some PPD files from foomatic provide small shell scripts that must be run in order to process documents sent to a printer. The script is often customized at runtime. This approach is quite flexible but also introduces a security vulnerability. Originally, foomatic-rip uses the default OS shell to execute the script. In ChromeOS, foomatic-rip calls foomatic_shell (from this package) instead.

foomatic_shell executes the given shell script in a controlled environment to mitigate the security risk. It supports pipes and the backtick operator (generating a command by a subshell). Only a very limited set of commands is allowed, and foomatic_shell also enforces some restrictions on command-line parameters.

Appendix: FOOMATIC_VERIFY_MODE

When the environment variable FOOMATIC_VERIFY_MODE is set, foomatic_shell goes into no-op mode: it carries out command verification as normal but does not run the overall pipeline. For example, this environment variable is set in the printer.TestPPDs tast test.
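
The allowlist check and the verify-only mode described above, as an added sketch that is not foomatic_shell's own code: it verifies a pipeline (including backtick subshells) and then decides whether execution would follow. The allowlist contents, the rejected operator set, and the names `Outcome`, `VerifyPipeline` and `Decide` are assumptions made for this example.

```cpp
#include <cstdlib>
#include <set>
#include <sstream>
#include <string>

// Hypothetical allowlist; the project's real list lives in its verifier.
static const std::set<std::string> kAllowed = {"cat", "echo", "sed"};

enum class Outcome { kRejected, kVerifiedOnly, kWouldRun };

// Each segment between '|' must start with an allowed command, and each
// `...` subshell is verified recursively. Quoting is not parsed, so operator
// characters inside quotes are rejected too (assumption of this sketch).
bool VerifyPipeline(const std::string& script) {
  std::string segment, sub;
  bool in_backticks = false;
  auto check_segment = [&]() {
    std::istringstream words(segment);
    std::string command;
    segment.clear();
    return (words >> command) && kAllowed.count(command) > 0;
  };
  for (char c : script) {
    if (c == '`') {
      if (in_backticks && !VerifyPipeline(sub)) return false;
      if (in_backticks) segment += " SUBSHELL_OUTPUT";  // argument placeholder
      sub.clear();
      in_backticks = !in_backticks;
    } else if (in_backticks) {
      sub += c;
    } else if (c == ';' || c == '&' || c == '>' || c == '<' || c == '$') {
      return false;  // operators outside the supported subset
    } else if (c == '|') {
      if (!check_segment()) return false;
    } else {
      segment += c;
    }
  }
  return !in_backticks && check_segment();  // unterminated backtick fails
}

// Verification always runs; the variable only decides whether to continue.
Outcome Decide(const std::string& script) {
  if (!VerifyPipeline(script)) return Outcome::kRejected;
  return std::getenv("FOOMATIC_VERIFY_MODE") ? Outcome::kVerifiedOnly
                                             : Outcome::kWouldRun;
}

int main() { return Decide("cat | sed -e s/a/b/") == Outcome::kRejected; }
```

Because the placeholder word is never on the allowlist, this sketch accepts a subshell only in argument position, and a command name produced by backticks is rejected.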