Description
Hey folks, I'm a bit new to this and just learning/playing around with bwrap, so forgive me if there's some very obvious reason for this.
Here's a snippet from the end of a bwrap+exiftool script:
```sh
    --ro-bind "$exiftool_dir" "$exiftool_dir" \
    --bind "$imgfile" "$imgfile" \
    --bind-try "$blah" "$blah" \
    $exiftool_dir/exiftool "$args" "$imgfile"
```
When changing metadata, exiftool creates a `filename_exiftool_tmp` and a `filename_original`, so it needs write permissions in the directory. I originally tried to give it pre-emptive permissions to specific non-existing files via `--bind-try`, but I guess it doesn't work that way.

Exiftool fails if I remove the `--bind-try` line. `$blah` isn't declared anywhere in the script, so this shouldn't work... and yet it did. I eventually figured out that a bash shell in the bwrap had access to my entire filesystem. And indeed, I can change `$blah` to anything arbitrary, or even leave it blank as `--bind-try "" ""`.

I tried `--bind "" ""` and `--ro-bind "" ""`, but neither of them interprets the empty string as the root fs `/`; instead, bwrap just refuses to run.

I know bwrap is a bit of an "advanced" thing, but I can't help but wonder if this is really the desired behavior, especially considering `--bind-try` inherently fails silently.
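The following is an added example, not code from the bubblewrap project or from the issue author. It shows the two things a practitioner would want after reading the report above: a pre-flight check that refuses any bind option whose source or destination expands to the empty string (the `--bind-try "" ""` case the report shows exposing the host root) and that warns when a `*-try` source does not exist, since the report notes bwrap skips those silently; and the bind list for exiftool that follows from the report's own observation that exiftool needs write access to the image's directory, namely binding the parent directory read-write instead of guessing at the temp and `_original` file names. The function names (`check_bind_args`, `exiftool_write_dir`, `sandboxed_exiftool_cmd`), the paths `/opt/exiftool` and `/home/me/pics/a.jpg`, and the `-Comment=hello` argument are all constructed for the demo; the rest of the sandbox setup (`--unshare-all`, `/usr`, `/etc`, and so on) is assumed to come from the caller's script and is not shown.

```shell
#!/bin/sh
# Added example (not from the bubblewrap project or the issue author).
# Paths and function names are constructed for the demo; nothing here
# actually invokes bwrap, it only builds and checks the argument list.

# check_bind_args ARGS...
# Walks a bwrap argument list and returns 1 if any bind option is missing
# its two paths or has an empty source/destination. For the *-try variants
# it also warns on stderr when the source does not exist, because bwrap
# itself would skip that mount without saying anything.
check_bind_args() {
    while [ "$#" -gt 0 ]; do
        case "$1" in
            --bind|--ro-bind|--dev-bind|--bind-try|--ro-bind-try|--dev-bind-try)
                if [ "$#" -lt 3 ]; then
                    echo "error: $1 needs SRC and DEST" >&2
                    return 1
                fi
                opt=$1 src=$2 dst=$3
                if [ -z "$src" ] || [ -z "$dst" ]; then
                    echo "error: $opt with empty path (src='$src' dest='$dst')" >&2
                    return 1
                fi
                case "$opt" in
                    *-try)
                        [ -e "$src" ] ||
                            echo "warning: $opt source '$src' does not exist; bwrap would skip it silently" >&2
                        ;;
                esac
                shift 3
                ;;
            *)
                shift
                ;;
        esac
    done
    return 0
}

# exiftool_write_dir IMGFILE
# exiftool writes IMGFILE_exiftool_tmp and IMGFILE_original next to the
# image, so the directory containing the image is what needs to be writable.
exiftool_write_dir() {
    dirname "$1"
}

# sandboxed_exiftool_cmd EXIFTOOL_DIR IMGFILE [EXIFTOOL_ARGS...]
# Builds the bind options relevant to the issue, runs the pre-flight check,
# and prints the resulting bwrap command one argument per line. Returns 1
# (and prints nothing) when the check rejects the argument list.
sandboxed_exiftool_cmd() {
    exiftool_dir=$1; imgfile=$2; shift 2
    imgdir=$(exiftool_write_dir "$imgfile")
    set -- \
        --ro-bind "$exiftool_dir" "$exiftool_dir" \
        --bind "$imgdir" "$imgdir" \
        "$exiftool_dir/exiftool" "$@" "$imgfile"
    check_bind_args "$@" || return 1
    printf '%s\n' bwrap "$@"
}

# Demo with constructed paths: print the command that would be run.
sandboxed_exiftool_cmd /opt/exiftool /home/me/pics/a.jpg -Comment=hello

# The reporter's case: rejected before bwrap ever sees the empty strings.
check_bind_args --ro-bind /usr /usr --bind-try "" "" || echo "rejected, as intended"
```

Because the check runs on the already-expanded argument list, an unset variable such as the report's `$blah` is caught at the same point regardless of where it came from; the warning for missing `*-try` sources is deliberately non-fatal, since skipping an optional mount is the documented purpose of those options, but it makes the silent case visible.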