search

2lambda123 / mozilla-TTS

Mozilla Public License 2.0
0 stars 0 forks source link

Sandbox Process Creation #2

Closed pixeebot[bot] closed 2 months ago

pixeebot[bot] commented 2 months ago

This codemod sandboxes all instances of subprocess.run and subprocess.call to offer protection against attack.

Left unchecked, subprocess.run and subprocess.call can execute any arbitrary system command. If an attacker can control part of the strings used as program paths or arguments, they could execute arbitrary programs, install malware, and anything else they could do if they had a shell open on the application host.

Our change introduces a sandbox which protects the application:

  import subprocess
+ from security import safe_command
  ...
- subprocess.run("echo 'hi'", shell=True)
+ safe_command.run(subprocess.run, "echo 'hi'", shell=True)
  ...
- subprocess.call(["ls", "-l"])
+ safe_command.call(subprocess.call, ["ls", "-l"])

The default safe_command restrictions applied are the following:

There are more options for sandboxing if you are interested in locking down system commands even more.

Dependency Updates

This codemod relies on an external dependency. We have automatically added this dependency to your project's requirements.txt file.

This library holds security tools for protecting Python API calls.

There are a number of places where Python project dependencies can be expressed, including setup.py, pyproject.toml, setup.cfg, and requirements.txt files. If this change is incorrect, or if you are using another packaging system such as poetry, it may be necessary for you to manually add the dependency to the proper location in your project.

More reading * [https://github.com/pixee/python-security/blob/main/src/security/safe_command/api.py](https://github.com/pixee/python-security/blob/main/src/security/safe_command/api.py) * [https://cheatsheetseries.owasp.org/cheatsheets/OS_Command_Injection_Defense_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/OS_Command_Injection_Defense_Cheat_Sheet.html)

I have additional improvements ready for this repo! If you want to see them, leave the comment:

@pixeebot next

... and I will open a new PR right away!

🧚🤖 Powered by Pixeebot

Feedback | Community | Docs | Codemod ID: pixee:python/sandbox-process-creation

cr-gpt[bot] commented 2 months ago

Seems you are using me but didn't get OPENAI_API_KEY seted in Variables/Secrets for this repo. you could follow readme for more information

code-companion-ai[bot] commented 2 months ago

Processing PR updates...

git-greetings[bot] commented 2 months ago

Thanks @pixeebot[bot] for opening this PR!

For COLLABORATOR only :

performance-testing-bot[bot] commented 2 months ago

Unable to locate .performanceTestingBot config file

pep8speaks commented 2 months ago

Hello @pixeebot[bot]! Thanks for opening this PR. We checked the lines you've touched for PEP 8 issues, and found:

Line 61:80: E501 line too long (96 > 79 characters)

Line 87:80: E501 line too long (87 > 79 characters) Line 111:80: E501 line too long (104 > 79 characters)

Line 87:80: E501 line too long (93 > 79 characters)

git-greetings[bot] commented 2 months ago
PR Details of @pixeebot[bot] in mozilla-TTS : OPEN CLOSED TOTAL
2 0 2
performance-testing-bot[bot] commented 2 months ago

There was an issue running the performance test

socket-security[bot] commented 2 months ago

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
pypi/security@1.3.1 environment, eval, filesystem, network, shell Transitive: unsafe +2 827 kB clavedeluna, pixee

View full report↗︎

performance-testing-bot[bot] commented 2 months ago

There was an issue running the performance test