-
-
Notifications
You must be signed in to change notification settings - Fork 239
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Typst command implementation #1626
base: main
Are you sure you want to change the base?
Conversation
log.info("Storing the typst executable on disk") | ||
exe_path = Path(Config.typst_path) | ||
exe_path.parent.mkdir(exist_ok=True) | ||
exe_path.write_bytes(typst_executable) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This isn't going to work in our infrastructure. We use read-only file systems.
I am also very uneasy with the fact we're downloading and executing a binary from the internet like this into the bot's pod.
Is there a typst API similar to what we use for latex? Either that, or we can look into having a typst deployment in our infra, where it won't have access to the bot's secrets.
Relevant Issues
Closes #1623.
Description
typst
PyPI package, but while it works, it had a weird issue where (only in the bot's container and not on my computer) it needed ~1GB RAM to render the simplest things. I failed to figure out what caused this, and as a result I switched to using the CLI, which is less hungry (~100MB for sane inputs) and supports some nice features the python bindings don't (such as taking the input from stdin with no files involved).chmod
ed to not allow writes.typst
executable gets called in a subprocess, with a time limit (and gets killed if the limit is exceeded) and a memory usage rlimit.Security-wise, the typst invocation sets
--root
to an empty temporary directory, which in theory should prevent access to any files outside of it. As for the packages, even though arbitrary typst packages are supposed to be safe, I still chose to prevent installation of them at runtime by locking the packages directory from writes. Nevertheless, I am pretty worried about the security of this and want someone to take a second look at whether it's exploitable. And of course, if there's ever a new vulnerability intypst
itself, that'd potentially make Lancebot's environment vulnerable.Did you: