Configuration for exec function to allow execution only from a defined directory or path

[nip1904]

It could improve security if you set

"allow_exec": true,
"exec_base_path": "/mydir/"

and only allow execution from that path (if set) - default will be allow from all paths

[lovasoa]

Hello and thank you for the suggestion !

Can you tell us more about your use case ? Are you allowing the execution of user-controlled executables ?

In my experience, it has always been possible to hardcode the first argument to sqlpage.exec, making it perfectly safe.

[nip1904]

Normaly I don't activate the exec function.
But I had the situation where needed a special transformation of data from a postgres sql.
So I develop a select query + transformation in golang and using it with the exec function.

All my sqlpage apps run in a docker container and I always try to improve security.
That's why I propose this improvement.

[lovasoa]

If you are always executing the same given binary, and have its path hardcoded in your source code, then there is no security benefit to restricting the allowed execution paths...

[nip1904]

The suggested "exec_base_path" is the path where the executable reside not the sqlpage templates.
So if I have to activate the exec function for special reasons template writers can only use executeables from that path.
Consider situations where you have shared responsability.

[lovasoa]

sql^page.exec is not called from templates, but from .sql files.

There are probably situations were limiting execution to a given path could be useful, but let's wait until at least one person with an actual need for it manifests themselves before implementing it ^^