sandbox2tool CLI is broken
RPGillespie6 opened this issue · comments
Sandbox2 Tool (sandbox2tool.cc) is broken in the sense that you cannot pass any flags to it via CLI. Example error:
$ ./sandboxed_api/sandbox2/examples/tool/sandbox2tool --sandbox2tool_resolve_and_add_libraries -- /bin/ls -l
E1024 12:00:46.791592 14051 policybuilder.cc:1294] INTERNAL: Could not add libraries for --sandbox2tool_resolve_and_add_libraries: cannot open file: --sandbox2tool_resolve_and_add_libraries: No such file or directory
terminate called after throwing an instance of 'absl::BadStatusOrAccess'
what(): Bad StatusOr access: INTERNAL: Could not add libraries for --sandbox2tool_resolve_and_add_libraries: cannot open file: --sandbox2tool_resolve_and_add_libraries: No such file or directory
Aborted (core dumped)
After peeking at the source, it appears the reason for this is that argv[1] is hardcoded as the sandboxee program path with all subsquent args as sandboxee args which makes it impossible to pass sandbox2tool flags:
auto executor = std::make_unique<sandbox2::Executor>(argv[1], args, envp);
Unless I'm missing something, it does not seem currently possible to pass any sandbox2tool flags via CLI.
I did a git checkout HEAD~30 and it appears to be working there, so something must have broken between then and now.
Thanks for the report. This was broken by our switch to Abseil flags (from gflags). A fix is underway.