


























@@ -18,6 +18,9 @@ describe("command-analysis risks", () => {
1818);
1919expect(detectInlineEvalArgv(["sudo", "-uroot", "python3", "-c", "print(1)"])?.flag).toBe("-c");
2020expect(detectInlineEvalArgv(["sudo", "-EH", "python3", "-c", "print(1)"])?.flag).toBe("-c");
21+expect(detectInlineEvalArgv(["sudo", "-i", "python3", "-c", "print(1)"])?.flag).toBe("-c");
22+expect(detectInlineEvalArgv(["sudo", "-s", "python3", "-c", "print(1)"])?.flag).toBe("-c");
23+expect(detectInlineEvalArgv(["sudo", "--shell", "python3", "-c", "print(1)"])?.flag).toBe("-c");
2124expect(detectInlineEvalArgv(["sudo", "-Eu", "root", "python3", "-c", "print(1)"])?.flag).toBe(
2225"-c",
2326);
@@ -106,6 +109,18 @@ describe("command-analysis risks", () => {
106109expect(buildCommandPayloadCandidates(["sudo", "-EH", "/approve", "abc"])).toEqual([
107110"/approve abc",
108111]);
112+expect(buildCommandPayloadCandidates(["sudo", "-i", "/approve", "abc"])).toEqual([
113+"/approve abc",
114+]);
115+expect(buildCommandPayloadCandidates(["sudo", "-s", "/approve", "abc"])).toEqual([
116+"/approve abc",
117+]);
118+expect(buildCommandPayloadCandidates(["sudo", "--shell", "/approve", "abc"])).toEqual([
119+"/approve abc",
120+]);
121+expect(buildCommandPayloadCandidates(["sudo", "--preserve-groups", "/approve", "abc"])).toEqual(
122+["/approve abc"],
123+);
109124expect(
110125buildCommandPayloadCandidates(["sudo", "-uroot", "bash", "-lc", "/approve req allow-once"]),
111126).toEqual(["bash -lc /approve req allow-once", "/approve req allow-once"]);
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。