socksify not available on all distributions

I use Fedora, and there the dante package and socksify are not available. Thus reading HTML mails does not work out of the box. One can install the tsocks package, though, and use tsocks. The filter script should maybe check what is available on the machine (socksify, tsocks, nothing) and use that.

4 months ago
2 months ago
good first ticket refactoring

~davidbanham 4 months ago

tsocks doesn't appear to have a way to specify the target socks server on the command line. The point of using socksify the way aerc does is to sandbox w3m away from the network.

If we just called tsocks and there was a valid socks server in the tsocks config already on the system, the purpose of the script would be defeated.

To work around this we'll probably need to write a tsocks config with the dummy server to /tmp and then invoke tsocks with TSOCKSCONFFILE=/tmp/aerctsocks_sandbox or similar.

That's... not particularly elegant.

Would it make more sense to use unshare instead of socksify?


It's been in the kernel for some time and appears to be pretty widely available across the few distros I had a look at. (arch, fedora, ubuntu, debian).

~sircmpwn 4 months ago

+1 for unshare

~davidbanham 4 months ago

Easy fix, then!

Just trying to test my change locally before I submit the PR. How do I swap between filters in the email view?

I've got a HTML email but the text/plain mimetype is highlighted and I can't for the life of me figure out how to switch to text/html. Tried the help and tutorial but couldn't find any commands or bindings.

~sircmpwn 4 months ago

^j and ^k by default, which are bound to :next-part and :prev-part respectively.

~davidbanham 4 months ago

Ahh, thanks!

Patch submitted, tested working on Arch.


~sircmpwn 4 months ago

Ah, uh, I was playing with unshare while looking over your patch and see you forgot to specify unshare -n, to remove network access. Try this:

unshare curl http://example.org


unshare -n curl http://example.org

Unfortunately... you'll notice the second one requires root. So I'm -1 to this solution now.

~davidbanham 4 months ago

Ah, good catch, thanks. Have had lunch now and brain works more good.

There is the -r option to unshare which should let it run unprivileged but it appears that most distros disable unprivileged user namespaces by default via a kernel patch. We'd need to twiddle that kernel param on installation which is a non-starter I think.

What's the threat model for this? I've been digging around and I can't figure out a way to make either w3m or lynx request an external network resource. They don't display images, load external stylesheets, populate iframes or execute javascript.

I appreciate the extra layer of comfort you get with socksify, but maybe the way out of this is to use socksify if it's present, but just execute without it if it isn't.

~hiciu 4 months ago

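How about an LD_PRELOAD trick, with something like:

    #include <errno.h>
    #include <sys/socket.h>
    int connect(int sockfd, const struct sockaddr *addr, socklen_t addrlen) {
        errno = EADDRNOTAVAIL;  /* every outbound connection attempt fails */
        return -1;
    }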

There is also bwrap from the bubblewrap package, available in alpine, arch, fedora fc29+ and debian stretch+. (I'm not sure which distros are supported with aerc.) Try:

$ bwrap --ro-bind / / --unshare-net curl google.com
curl: (6) Could not resolve host: google.com
$ bwrap --ro-bind / / curl google.com

bubblewrap is flatpak's dependency.

~cmpadden 3 months ago

It appears that tsocks is available on MacOS, but I don't think unshare, bwrap, or socksify are available, though I may be overlooking something. It would be nice if the chosen implementation uses a package that is also available on MacOS.

~pingiun 2 months ago

socksify can be installed on macOS with brew: brew install dante
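
The selection logic this ticket asks for, as an added example (it is not aerc's filter script and not any commenter's patch): it probes bwrap and unshare by running a no-op, because, as noted in the thread, unshare -n can be installed yet unusable without root. The function names, the ALLOW_UNSANDBOXED variable and the SOCKS_SERVER value 127.0.0.1:1 are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: pick a wrapper that cuts a mail filter off from the network.

# A tool only counts if it is installed AND can run a no-op here:
# "unshare -n" needs root, and "-r" needs unprivileged user namespaces.
probe() {
    command -v "$1" >/dev/null 2>&1 && "$@" true >/dev/null 2>&1
}

# Print the wrapper command prefix; return 1 if nothing usable was found.
# Namespace tools come first because the kernel enforces them, while
# socksify relies on LD_PRELOAD inside the wrapped process.
pick_sandbox() {
    if probe bwrap --ro-bind / / --unshare-net; then
        echo "bwrap --ro-bind / / --unshare-net"
    elif probe unshare -r -n; then
        echo "unshare -r -n"
    elif command -v socksify >/dev/null 2>&1; then
        echo "socksify"
    else
        return 1
    fi
}

# Run "$@" under the chosen wrapper. Fails closed unless the (hypothetical)
# ALLOW_UNSANDBOXED=1 opt-out is set.
run_filter() {
    if wrapper=$(pick_sandbox); then
        if [ "$wrapper" = socksify ]; then
            # Assumed dummy proxy address: nothing should listen there,
            # so every redirected connection fails.
            export SOCKS_SERVER="127.0.0.1:1"
        fi
        # Word splitting of $wrapper is intentional.
        $wrapper "$@"
    elif [ "${ALLOW_UNSANDBOXED:-0}" = 1 ]; then
        echo "warning: running without network isolation" >&2
        "$@"
    else
        echo "error: no working network sandbox found" >&2
        return 1
    fi
}

# Usage: run_filter w3m -T text/html -dump
```

On a machine where none of the three tools works, run_filter refuses to render unless the opt-out is set, which makes the "just execute without it" fallback proposed in the thread an explicit choice rather than a silent default.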
