Don't print out shell snippets if we find anything malicious #35

jhrozek · 2024-11-18T16:09:48Z

This might be a little too much now, but since shell snippets are typically one-liners we might want to just buffer them before evaluation (this would not slow the execution too much), maybe if we find that the snippet is longer we can let it through line-by-line. We'd then evaluate the snippet and only let it through if it doesn't contain any malicious packages.

lukehinds · 2024-12-09T10:38:21Z

@lukehinds add to features / roadmap

lukehinds · 2025-01-06T14:16:54Z

@lukehinds consolidate into #34

lukehinds added the flagship[go] label Nov 19, 2024

lukehinds added Should-Have and removed flagship[python] labels Dec 2, 2024

lukehinds added this to the 0.1.0-alpha.2 milestone Dec 2, 2024

lukehinds modified the milestones: 0.1.0-alpha.2 (public), 0.2.0 Dec 14, 2024

lukehinds added Must-Have and removed Should-Have labels Dec 16, 2024

lukehinds closed this as completed Jan 27, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Don't print out shell snippets if we find anything malicious #35

Don't print out shell snippets if we find anything malicious #35

jhrozek commented Nov 18, 2024

lukehinds commented Dec 9, 2024

Uh oh!

lukehinds commented Jan 6, 2025

Uh oh!

Don't print out shell snippets if we find anything malicious #35

Don't print out shell snippets if we find anything malicious #35

Comments

jhrozek commented Nov 18, 2024

lukehinds commented Dec 9, 2024

Uh oh!

lukehinds commented Jan 6, 2025

Uh oh!