fix: prevent argument injection RCE in package manager backends (closes #10)
Some checks failed
CI/CD Pipeline / Code Format (push) Successful in 4s
CI/CD Pipeline / Clippy Lints (push) Successful in 42s
CI/CD Pipeline / All Unit Tests (push) Successful in 1m10s
CI/CD Pipeline / Security Audit (push) Successful in 5s
CI/CD Pipeline / Enrollment Tests (push) Successful in 1m13s
CI/CD Pipeline / Build Debian Package (Ubuntu 22.04) (push) Failing after 4s
CI/CD Pipeline / Verify Enrollment CLI Flag (push) Successful in 59s
CI/CD Pipeline / Build RPM Package (push) Successful in 2m13s
CI/CD Pipeline / Build Debian Package (push) Failing after 5s
CI/CD Pipeline / Build Arch Package (push) Successful in 2m28s
CI/CD Pipeline / Build Alpine Package (push) Failing after 3m33s
P0-1: Replace weak validate_package_name() with strict allowlist validation
- Pattern: ^[a-zA-Z0-9][a-zA-Z0-9+._-]*$ (must start alphanumeric)
- Blocks shell metacharacters, path separators, whitespace, leading hyphens
- Add validate_version_string() for version fields (allows : and ~ for RPM epochs)
- Add validate_service_name() for service names (allows dots, @, hyphens)

P0-2: Add -- separator before user-supplied args in all 20 command sites
- APT: install_packages, update_package, remove_package, apply_patches
- APK: install_packages, update_package, remove_package, apply_patches
- DNF: install_packages, update_package, remove_package, apply_patches
- YUM: install_packages, update_package, remove_package, apply_patches
- Pacman: install_packages, update_package, remove_package, apply_patches

P0-3: Add validation to /patches/apply endpoint
- Validate all package names using validate_package_name()
- Return 400 Bad Request for invalid names

P1: Harden service name validation across all 5 backends
- Replace weak checks (empty + / + ..) with strict allowlist
- Add -- separator to systemctl show command

P2: Gate --force-yes option in APT
- Log warning when --force-yes is used (bypasses signature verification)

Add comprehensive unit tests for all validation functions.

Co-authored-by: git-echo <git-echo@moon-dragon.us>
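The allowlist from P0-1 and the `--` placement from P0-2, as an added example that is not the project's own code. The helpers `apt_install_command` and `argv`, the `install -y` arguments and the sample names are assumptions made for illustration; the check is written by hand instead of with a regex crate.

```rust
use std::process::Command;

// Hand-written equivalent of the commit's pattern ^[a-zA-Z0-9][a-zA-Z0-9+._-]*$
// (assumption: the project's real validate_package_name() may differ).
fn validate_package_name(name: &str) -> Result<(), String> {
    let mut chars = name.chars();
    match chars.next() {
        Some(c) if c.is_ascii_alphanumeric() => {}
        Some(_) => return Err(format!("{name:?}: must start with an alphanumeric")),
        None => return Err("empty package name".to_string()),
    }
    // Remaining characters: alphanumerics plus '+', '.', '_', '-' only.
    match chars.find(|c| !(c.is_ascii_alphanumeric() || "+._-".contains(*c))) {
        Some(bad) => Err(format!("{name:?}: disallowed character {bad:?}")),
        None => Ok(()),
    }
}

// Hypothetical helper: builds (does not run) an apt-get install command.
// Names are validated first, then placed after `--`, so even a value that
// slipped past validation would be read as an operand, not an option.
fn apt_install_command(packages: &[&str]) -> Result<Command, String> {
    if packages.is_empty() {
        return Err("no packages given".to_string());
    }
    for p in packages {
        validate_package_name(p)?;
    }
    let mut cmd = Command::new("apt-get");
    cmd.args(["install", "-y", "--"]).args(packages);
    Ok(cmd)
}

// Argument vector as strings, for inspection and tests.
fn argv(cmd: &Command) -> Vec<String> {
    cmd.get_args().map(|a| a.to_string_lossy().into_owned()).collect()
}

fn main() {
    // Constructed sample inputs, not taken from the project.
    for name in ["g++", "python3.11-dev", "--option=value", "pkg;x", "../pkg", "a b", ""] {
        println!("{name:?} -> {:?}", validate_package_name(name));
    }
    let cmd = apt_install_command(&["curl", "g++"]).expect("valid names");
    println!("{:?}", argv(&cmd));
}
```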
committed by GitHub
parent 913d7286e1
commit 130206a3a3
2 Cargo.lock generated
@ -1931,7 +1931,7 @@ dependencies = [
|
||||
|
||||
[[package]]
|
||||
name = "linux-patch-api"
|
||||
version = "1.3.1"
|
||||
version = "1.3.2"
|
||||
dependencies = [
|
||||
"actix",
|
||||
"actix-rt",
|
||||
|
||||
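Review bot: The `version` entry for `linux-patch-api` moves from 1.3.1 to 1.3.2 in a file marked as generated, so the bump has to originate in the `version` field of Cargo.toml, which is not visible in this diff. Confirm the two agree; building with `cargo build --locked` in CI would fail on a mismatch. The Debian and Alpine package jobs are also listed as failing on this push, so it is worth checking that 1.3.2 can be built for those targets before the fix is treated as released.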