Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 14:50:55 +03:00
Code Issues Packages Projects Releases Wiki Activity

EventManager: allow to define the allowed system commands

Browse Source 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
Nicola Murino
2024-11-01 11:37:33 +01:00
parent 60558de728
commit 88b1850b58
10 changed files with 259 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
internal/httpd/httpd_test.go
View File

@@ -2395,6 +2395,17 @@ func TestEventActionValidation(t *testing.T) {
_, resp, err = httpdtest.AddEventAction(action, http.StatusBadRequest)
assert.NoError(t, err)
assert.Contains(t, string(resp), "invalid command args")
action.Options.CmdConfig.Args = nil
// restrict commands
if runtime.GOOS == osWindows {
dataprovider.EnabledActionCommands = []string{"C:\\cmd.exe"}
} else {
dataprovider.EnabledActionCommands = []string{"/bin/sh"}
}
_, resp, err = httpdtest.AddEventAction(action, http.StatusBadRequest)
assert.NoError(t, err)
assert.Contains(t, string(resp), "is not allowed")
dataprovider.EnabledActionCommands = nil
action.Type = dataprovider.ActionTypeEmail
_, resp, err = httpdtest.AddEventAction(action, http.StatusBadRequest)