fix(rce): security fix regarding open PATH environment #118

Merged. 18 commits merged on Aug 8, 2023.

@aldy505 aldy505 commented Jun 1, 2023

From a conversation between me and @ii64

Reinaldy, [01/06/2023 11:35]
@lolioverflow btw I need to borrow your brain. If I have ruby or any executables at /opt/ruby/3.2/bin/ruby, and I set $PATH to just /opt/ruby/3.2/bin, without setting anything additional like PATH=/opt/ruby/3.2/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin, I've already tried it and I can exec ruby. But will there be a problem with integrating with some C libraries?

Reinaldy, [01/06/2023 11:36]
Or do I have to set LD_LIBRARY_PATH, CC and CXX myself?

Maple Syrup, [01/06/2023 11:37]
It should still work, the ld lookup is still managed by the OS

Reinaldy, [01/06/2023 11:38]
Ohh okay, so that means the LD lookup doesn't depend on what's on PATH, right? But it should depend on env LD_* if any?

Maple Syrup, [01/06/2023 11:38]
Yep, higher precedence

Reinaldy, [01/06/2023 11:38]
ok nice
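
The point settled in the chat above, as an added example (not code from this pull request or the project): pinning PATH to one directory does not touch the loader's LD_* variables, so the child environment is built from an allow-list and any inherited LD_* names are reported. The function name, the allow-list and the sample parent environment are assumptions made for illustration.

```javascript
// Added example: build the environment for a child runtime with PATH pinned
// to a single directory. All names here are hypothetical, not the project's.

// Variables copied from the parent when present (assumed allow-list; extend
// it deliberately, e.g. with CC/CXX if the runtime must compile extensions).
const PASS_THROUGH = ["HOME", "LANG", "TZ"];

function buildChildEnv(runtimeBinDir, parentEnv) {
  // A relative value or a ':'-separated list would reopen the search path.
  if (!runtimeBinDir.startsWith("/") || runtimeBinDir.includes(":")) {
    throw new Error("runtime bin dir must be a single absolute path");
  }
  const env = { PATH: runtimeBinDir };
  const dropped = [];
  for (const [name, value] of Object.entries(parentEnv)) {
    if (name === "PATH") continue; // replaced above, never inherited
    if (PASS_THROUGH.includes(name)) {
      env[name] = value;
    } else {
      dropped.push(name);
    }
  }
  // PATH does not steer the dynamic loader, but inherited LD_* variables do,
  // so list the ones the parent carried for logging or alerting.
  const loaderVars = dropped.filter((n) => n.startsWith("LD_")).sort();
  return { env, dropped: dropped.sort(), loaderVars };
}

// Constructed parent environment for the demonstration.
const sampleParent = {
  PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
  HOME: "/home/sandbox",
  LANG: "C.UTF-8",
  LD_PRELOAD: "/tmp/example.so",
  LD_LIBRARY_PATH: "/tmp/lib",
  CC: "gcc",
};

const result = buildChildEnv("/opt/ruby/3.2/bin", sampleParent);
console.log(result.env, result.loaderVars);
// result.env is what would be passed as the `env` option of
// child_process.spawn() when starting the runtime.
```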


codecov bot commented Jun 1, 2023

Codecov Report

Patch and project coverage have no change.

Comparison is base (08876d5) 82.02% compared to head (08edb21) 82.02%.

Additional details and impacted files
@@           Coverage Diff           @@
##           master     #118   +/-   ##
=======================================
  Coverage   82.02%   82.02%           
=======================================
  Files          34       34           
  Lines        1463     1463           
  Branches       90       90           
=======================================
  Hits         1200     1200           
  Misses        231      231           
  Partials       32       32           
Flag Coverage Δ
auth 33.67% <ø> (ø)
rce 92.58% <ø> (ø)
sdk-dotnet 96.56% <ø> (ø)
sdk-go 66.48% <ø> (ø)
sdk-javascript 88.69% <ø> (ø)
sdk-python 99.45% <ø> (ø)



aldy505 commented Jun 5, 2023

still don't understand why the build rce pipeline returns a non zero exit code. might revisit this later.

rce/scripts/install.cjs Fixed

aldy505 commented Jul 20, 2023

Everything is green. Hoping to cause minimum damage.

@aldy505 aldy505 merged commit 6404f10 into master Aug 8, 2023
26 checks passed
@aldy505 aldy505 deleted the fix/rce/security-path branch August 8, 2023 13:47