Apache shouldn't be allowed to spawn shells #231
Assignees
Comments
mstemm
added a commit
that referenced
this issue
Apr 6, 2017
This ensures that interpreted php,perl,etc code run by apache won't be able to spawn shells, either. This fixes #231.
leogr
pushed a commit
to falcosecurity/rules
that referenced
this issue
Dec 21, 2022
This ensures that interpreted php,perl,etc code run by apache won't be able to spawn shells, either. This fixes falcosecurity/falco#231.
leogr
pushed a commit
to falcosecurity/rules
that referenced
this issue
Dec 21, 2022
This ensures that interpreted php,perl,etc code run by apache won't be able to spawn shells, either. This fixes falcosecurity/falco#231.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
apache2 is currently on the list of programs that are allowed to spawn shells inside a container. However, when apache uses mod_{php,perl}, etc to directly evaluate interpreted code, this could mean that shells spawned by the interpreted php, perl, etc. scripts won't be detected.
The fix is to remove apache2 from the list. We'll fix any false positives that get re-introduced in a different way.
The text was updated successfully, but these errors were encountered: