[
https://issues.apache.org/jira/browse/METRON-571?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15802094#comment-15802094
]
Jon Zeolla edited comment on METRON-571 at 1/5/17 7:33 PM:
-----------------------------------------------------------
Big thanks for taking the first crack at this. I'm going to think on this some
more, but here are some initial thoughts to improve what you put together:
- Handle exit/return codes in a configurable way
- Add details to the tuple (timestamp, path, hash of path, return code)
- Provide arguments to the script* pulled from the tuple
- Whitelist input so it can only contain something like "[0-9A-Za-z_./]+"
- We should attempt to restrict the access of the executing thread (security
manager?)
\* This needs thoroughly vet and understood. I'm working on the right approach
for this and will report back when I have more details.
Relevant Materials:
https://www.securecoding.cert.org/confluence/display/java/IDS07-J.+Sanitize+untrusted+data+passed+to+the+Runtime.exec%28%29+method
https://www.securecoding.cert.org/confluence/display/c/ENV03-C.+Sanitize+the+environment+when+invoking+external+programs
https://www.securecoding.cert.org/confluence/display/java/IDS50-J.+Use+conservative+file+naming+conventions
https://www.securecoding.cert.org/confluence/display/java/SEC54-J.+Create+a+secure+sandbox+using+a+security+manager
was (Author: [email protected]):
Big thanks for taking the first crack at this. I'm going to think on this some
more, but here are some initial thoughts to improve what you put together:
- Handle exit/return codes in a configurable way
- Add details to the tuple (timestamp, path, hash of path, return code)
- Provide arguments to the script* pulled from the tuple
- Whitelist input so it can only contain something like "[0-9A-Za-z_./]+"
\* This needs thoroughly vet and understood. I'm working on the right approach
for this and will report back when I have more details.
Relevant Materials:
https://www.securecoding.cert.org/confluence/display/java/IDS07-J.+Sanitize+untrusted+data+passed+to+the+Runtime.exec%28%29+method
https://www.securecoding.cert.org/confluence/display/c/ENV03-C.+Sanitize+the+environment+when+invoking+external+programs
https://www.securecoding.cert.org/confluence/display/java/IDS50-J.+Use+conservative+file+naming+conventions
https://www.securecoding.cert.org/confluence/display/java/SEC54-J.+Create+a+secure+sandbox+using+a+security+manager
> Add stellar keywords for executing local commands
> -------------------------------------------------
>
> Key: METRON-571
> URL: https://issues.apache.org/jira/browse/METRON-571
> Project: Metron
> Issue Type: Improvement
> Reporter: Jon Zeolla
> Priority: Minor
> Attachments: ExternalFunctions.java
>
>
> Stellar should have the ability to execute scripts on a server in order to
> undertake automated mitigation or alerting. Perhaps SHELL_EXEC?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
