From f8d75400658c58a1a34d7e14b2c6654aabe283aa Mon Sep 17 00:00:00 2001
From: wangqianli
Date: Thu, 12 Dec 2024 10:15:48 +0800
Subject: [PATCH] add high-risk command slice and fix the return format issue in RunCommandAsyncHandler
---
 .../network/controller/pluginapi/script.go | 2 +-
 cmd/server/app/network/controller/script.go | 34 +++++++++++++++++++
 2 files changed, 35 insertions(+), 1 deletion(-)
diff --git a/cmd/server/app/network/controller/pluginapi/script.go b/cmd/server/app/network/controller/pluginapi/script.go
index b410aab4..e71c3a2a 100644
--- a/cmd/server/app/network/controller/pluginapi/script.go
+++ b/cmd/server/app/network/controller/pluginapi/script.go
@@ -206,7 +206,7 @@ func RunCommandAsyncHandler(c *gin.Context) {
 name := c.Query("plugin_name")
 p, err := plugin.GetPlugin(name)
 if err != nil {
- response.Fail(c, nil, "plugin not found: %v"+err.Error())
+ response.Fail(c, nil, "plugin not found: "+err.Error())
 return
 }
 parsedURL, err := url.Parse(p.Url)
diff --git a/cmd/server/app/network/controller/script.go b/cmd/server/app/network/controller/script.go
index 279fb635..5d7bc6fa 100644
--- a/cmd/server/app/network/controller/script.go
+++ b/cmd/server/app/network/controller/script.go
@@ -54,4 +54,38 @@ var DangerousCommandsList = []string{
 `.*shutdown\s+-[f,F,h,k,n,r,t,C].*`,
 `.*pvremove\s+-f.*`,
 `.*vgremove\s+-f.*`,
+ `.*exportfs\s+-[a,u].*`,
+ `.*umount.nfs+.*.+-[r,f,rf].*`,
+ `.*mv+.*.+/dev/null.*`,
+ `.*reboot.*`,
+ `.*rmmod\s+-[a,s,v,f,w].*`,
+ `.*dpkg-divert+.*.+-remove.*`,
+ `.*dd.*`,
+ `.*mkfs.*`,
+ `.*vmo.*`,
+ `.*init.*`,
+ `.*halt.*`,
+ `.*fasthalt.*`,
+ `.*fastboot.*`,
+ `.*startsrc.*`,
+ `.*stopsrc.*`,
+ `.*chkconfig.*`,
+ `.*off.*`,
+ `.*refresh.*`,
+ `.*umount.*`,
+ `.*rmdev.*`,
+ `.*chdev.*`,
+ `.*extendvg.*`,
+ `.*reducevg.*`,
+ `.*importvg.*`,
+ `.*exportvg.*`,
+ `.*mklv.*`,
+ `.*rmlv.*`,
+ `.*rmfs.*`,
+ `.*chfs.*`,
+ `.*installp.*`,
+ `.*instfix.*`,
+ `.*crontab.*`,
+ `.*cfgmgr.*`,
+ `.*mknod.*`,
 }
-- Gitee
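Review bot: Several of the patterns added to DangerousCommandsList are unanchored substrings, so `.*dd.*`, `.*off.*`, `.*init.*`, `.*vmo.*` and `.*refresh.*` will presumably flag any command line that merely contains those letters (an `add` subcommand, `offset`, `initialize`), and a filter that noisy tends to get switched off by the people it is meant to protect. Anchoring on token boundaries keeps the intent without the false positives, e.g. `\bdd\b`, `\binit\b`, `\boff\b`. The bracket expressions are character classes rather than alternations: `[a,u]` and `[r,f,rf]` also accept a literal comma and `[r,f,rf]` is the same set as `[r,f]`, while `umount.nfs+` and `mv+` repeat the last letter instead of requiring whitespace, so `umount\.nfs\s+.*-[rf]` and `mv\s+.*\s/dev/null` look like what was meant. The `.*umount.*` entry already subsumes the umount.nfs one, so one of the two can go. The slice literal opens above the hunk and the matching code is not shown here; a comment on the declaration stating that this list is a guardrail against operator mistakes and not an authorization boundary would keep callers from relying on it for more than that.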