Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Why do we escapeshellarg the parts of occ commands? #35

Open
phil-davis opened this issue Oct 5, 2018 · 1 comment
Open

Why do we escapeshellarg the parts of occ commands? #35

phil-davis opened this issue Oct 5, 2018 · 1 comment

Comments

@phil-davis
Copy link
Contributor

In lib/Occ.php function execute() we escapeshellarg the parts of the command to be executed.

We make exceptions to that for parts of occ commands that we know we need to send aalready enclosed in quotes, like:

--display-name='User One'
' '
'A value that has space in it'

It gradually gets more complicated to let through these string patterns and escapeshellarg everything else.

If you enable the testing app, and you know the admin password, then you can already do lots of nasty things to your system. If you know the admin password, then you may also have command line access to your system anyway - so you can type any command that you like.

So why do we try to protect occ command execution from command injection?

@phil-davis
Copy link
Contributor Author

e.g. PR #34 increases the complexity of the pattern matching.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant