[Security] CWE-78 Command built from user-controlled sources #298
Comments
|
@tdrozdovsky What do you think of a suggestion from @t25kim? |
|
@tdrozdovsky This issue affects other PRs not related to CWE-78, such as #297 and should be fixed as soon as possible. I put some code for command validation before the code that launches the native app. However, CodeQL still detects CWE-78. |
|
Thank you for trying to eliminate this issue. Earlier, I wrote that there is a big vulnerability in the native mode, and then I was surprised that the system does not detect it. But now everything is displayed correctly and the vulnerability is detected. |
Signed-off-by: Taras Drozdovskyi <t.drozdovsky@samsung.com> After analyzing the existing code, it should be noted that sanitization measures have been made in the edge-orchestration: 1. analysis for a command injection using an escape sequence 2. filtering commands that are on the blacklist 3. only those commands that are previously described in the configuration file (ex. ls_srv.conf) can be executed. Strengthening against attacks of this kind can be: 1. Using the integrity check and digital signature of the configuration file. 2. Applying Linux Kernel protection modules. All attempts to eliminate the security alert by changing the source code were unsuccessful. The elimination requires hard-coding the string literals of the commands to be used, but this greatly limits the flexibility of the edge-orchestration and doesn't add a significant increase in security. Therefore, I propose to mark this alert as a fall positive. Fixes #298
CWE-78 security issue is detected by lgtm and CodeQL.
We need a process to check if the input that launches the native app contains a malicious string.
The text was updated successfully, but these errors were encountered: