github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-08-07 01:03:53 +00:00
Code Issues Projects Releases Wiki Activity

Don't run the spawned program in a shell.

Browse Source 
Instead, run it directly. This avoids false positives when running
non-bash commands and false negatives when trying to run a shell.
This commit is contained in:
Mark Stemm 2016-08-09 10:32:40 -07:00
parent f82288f373
commit bf431cf222
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
examples/nodejs-bad-rest-api/server.js
View File

@ -14,8 +14,8 @@ router.get('/', function(req, res) {
}); });
router.get('/exec/:cmd', function(req, res) { router.get('/exec/:cmd', function(req, res) {
var output = child_process.execSync(req.params.cmd); var ret = child_process.spawnSync(req.params.cmd);
res.send(output); res.send(ret.stdout);
}); });
app.use('/api', router); app.use('/api', router);