Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-6440

ExternalCommandCertifciateValidator to call external scripts only

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Trivial
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: EJBCA 6.11.1
    • Component/s: CA GUI
    • Labels:
      None
    • Environment:
      All
    • Issue discovered during:
      Testing
    • Sprint:
      EJBCA Sprint 5

      Description

      ExternalCommandCertifciateValidator still allows external commands like 'openssl'. GeneralPurposeCustomPublisher avoids this with a simple File("<path>").exists() check, so only exiting script files or symlinks can be called and not an arbitrary command. Therefore this check has to be implemented for ExternalCommandCertifciateValidator as well and the test classes needs to be updated.

        Attachments

          Issue Links

          is related to

          New Feature - A new feature of the product, which has yet to be developed. ECA-6051 Add post-processing to Validator framework

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. ECA-6447 Add a configurable whitelist to external validators

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. ECA-6446 Add a system configuration value for enabling External Command Validators

          • Major - Major loss of function.
          • Closed

            Activity

              People

              Assignee:
              anjakobs Andres Jakobs
              Reporter:
              anjakobs Andres Jakobs
              Verified by:
              Mike Agrenius Kushner
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Due:
                Created:
                Updated:
                Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 2 minutes
                  2m
                  Remaining:
                  Remaining Estimate - 2 minutes
                  2m
                  Logged:
                  Time Spent - Not Specified
                  Not Specified