Open jandro996 opened 2 weeks ago
Blocked! At this momento WAF shell injection detection rule available has been designed to specifically target functions which are explicitly or implicitly calling a shell such as /bin/sh or otherwise We also need support for String[] as the best place to call the WAF is reusing ProcessImplInstrumentation instead of the CallSites
What Does This Do
Motivation
Additional Notes
Contributor Checklist
type:
and (comp:
orinst:
) labels in addition to any usefull labelsclose
,fix
or any linking keywords when referencing an issue.Use
solves
instead, and assign the PR milestone to the issueJira ticket: [PROJ-IDENT]