Module: TCellAgent::Cmdi
- Defined in:
- lib/tcell_agent/instrumentation/cmdi.rb
Class Method Summary collapse
- .block_command?(cmd) ⇒ Boolean
- .default_cmdi_handler(args) ⇒ Object
- .parse_command(*args) ⇒ Object
- .parse_command_from_open(*args) ⇒ Object
- .popen_cmdi_handler(args) ⇒ Object
- .raise_if_block(cmd) ⇒ Object
Class Method Details
.block_command?(cmd) ⇒ Boolean
7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 |
# File 'lib/tcell_agent/instrumentation/cmdi.rb', line 7 def self.block_command?(cmd) TCellAgent::Instrumentation.safe_block('Checking Command Injection Policy') do if TCellAgent::Utils::Strings.present?(cmd) command_injection_policy = TCellAgent.policy(TCellAgent::PolicyTypes::COMMANDINJECTION) if command_injection_policy.enabled request_env = TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS.fetch( Thread.current.object_id, {} ) tcell_context = request_env[TCellAgent::Instrumentation::TCELL_ID] return command_injection_policy.block_command?(cmd, tcell_context) end end end false end |
.default_cmdi_handler(args) ⇒ Object
66 67 68 69 70 |
# File 'lib/tcell_agent/instrumentation/cmdi.rb', line 66 def self.default_cmdi_handler(args) cmd = TCellAgent::Cmdi.parse_command(*args) raise_if_block(cmd) end |
.parse_command(*args) ⇒ Object
24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 |
# File 'lib/tcell_agent/instrumentation/cmdi.rb', line 24 def self.parse_command(*args) cmd = '' TCellAgent::Instrumentation.safe_block('CMDI Parsing *args') do return cmd if args.nil? || args.empty? args_copy = Array.new(args) args_copy.shift if args_copy.first.is_a?(Hash) args_copy.pop if args_copy.last.is_a?(Hash) if args_copy.first.is_a?(Array) cmd_n_argv0 = args_copy.shift args_copy.unshift(cmd_n_argv0.first) end cmd = args_copy.join(' ') end cmd end |
.parse_command_from_open(*args) ⇒ Object
45 46 47 48 49 50 51 52 53 54 55 56 57 58 |
# File 'lib/tcell_agent/instrumentation/cmdi.rb', line 45 def self.parse_command_from_open(*args) cmd = '' TCellAgent::Instrumentation.safe_block('CMDI Parsing *args') do return cmd if args.nil? || args.empty? args_copy = Array.new(args) first_arg = args_copy.shift cmd = first_arg[1..-1] if first_arg && (first_arg.is_a? String) && first_arg[0] == '|' end cmd end |
.popen_cmdi_handler(args) ⇒ Object
72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 |
# File 'lib/tcell_agent/instrumentation/cmdi.rb', line 72 def self.popen_cmdi_handler(args) return if args.empty? cmd = '' TCellAgent::Instrumentation.safe_block('CMDI Parsing popen *args') do args_copy = Array.new(args) args_copy.shift if args_copy.first.is_a?(Hash) args_copy.pop if args_copy.last.is_a?(Hash) cmd = if args_copy.first.is_a?(String) args_copy.shift else TCellAgent::Cmdi.parse_command(*args_copy.shift) end end raise_if_block(cmd) end |
.raise_if_block(cmd) ⇒ Object
60 61 62 63 64 |
# File 'lib/tcell_agent/instrumentation/cmdi.rb', line 60 def self.raise_if_block(cmd) return unless TCellAgent::Cmdi.block_command?(cmd) raise "tCell.io Agent: Command not allowed by policy: #{cmd}" end |