Open Thomasw2802 opened 4 months ago
What happens when you try to run that file with bash?
It doesn't work because the syntax is python but if i run it with python it works (i have a rule that deny python ftype).
I can have a text/plain ftype with a python script as well because ftype is based on magic number if i'm not mistaken.
Hello,
I want to talk about a issue I encountered while using fapolicyd.
I tried to make rules using ftype option but I found out that it's very easy to manipulate a file ftype. For instance, if I have a python file and I write on my first line #!/bin/bash, the ftype detected will be text/x-shellscript. So, if I have a rule that deny python ftype it will be easy for an attacker to bypass it.
Is it safe to use this option ?