Skip to content

Commit

Permalink
[8.15](backport #40130) Osquerybeat: Disable allow_unsafe osquery con…
Browse files Browse the repository at this point in the history
…figuration (#41238)

* Osquerybeat: Disable allow_unsafe osquery configuration (#40130)

* Osquerybeat: Disable allow_unsafe osquery configuration

* Make linter happier

* Added changelog

* Make linter happier

(cherry picked from commit fec980b)

* Fix CHANGELOG.next.asciidoc

---------

Co-authored-by: Aleksandr Maus <[email protected]>
  • Loading branch information
mergify[bot] and aleksmaus authored Oct 15, 2024
1 parent 2861b61 commit 70827e1
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 5 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.next.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ https://github.com/elastic/beats/compare/v8.8.1\...main[Check the HEAD diff]

*Osquerybeat*

- Disable allow_unsafe osquery configuration. {pull}40130[40130]

*Packetbeat*

Expand Down
8 changes: 3 additions & 5 deletions x-pack/osquerybeat/internal/osqd/osqueryd_windows.go
Original file line number Diff line number Diff line change
Expand Up @@ -28,9 +28,7 @@ func SocketPath(dir string) string {
}

func platformArgs() map[string]interface{} {
return map[string]interface{}{
"allow_unsafe": true,
}
return nil
}

func setpgid() *syscall.SysProcAttr {
Expand All @@ -41,6 +39,6 @@ func setpgid() *syscall.SysProcAttr {
// For clean process tree kill
func killProcessGroup(cmd *exec.Cmd) error {
// https://github.com/golang/dep/pull/857
exec.Command("taskkill", "/F", "/T", "/PID", fmt.Sprint(cmd.Process.Pid)).Run()
return nil
//nolint:gosec // works as expected
return exec.Command("taskkill", "/F", "/T", "/PID", fmt.Sprint(cmd.Process.Pid)).Run()
}

0 comments on commit 70827e1

Please sign in to comment.