20 lines
892 B
Plaintext
20 lines
892 B
Plaintext
==== Pre-Approved commands
|
|
|
|
If the application aims to execute only a small number of OS commands (for
|
|
example, `ls`, `pwd`, and `grep`), the cleanest way to avoid this problem is to
|
|
validate the input before using it in an OS command.
|
|
|
|
Create a list of authorized and secure commands that you want the application
|
|
to be able to execute. Use absolute paths to avoid any ambiguity. +
|
|
If a user input does not match an entry in this list, it should be rejected
|
|
because it is considered unsafe.
|
|
|
|
Depending on the number of commands you want the application to support, the
|
|
list can be either a regex string or any array type. If you use regexes, choose
|
|
simple regexes to avoid ReDOS attacks. For example, you can accept only a
|
|
specific set of executables, by using `^/bin/(ls|pwd|grep)$`.
|
|
|
|
*Important note*: The application must do validation on the server side. Not on
|
|
client-side front-ends.
|
|
|