
Add a configurable whitelist to external validators

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: EJBCA 6.11.0
    • Component/s: None
    • Labels:
      None
    • Stakeholder:
      R&D
    • Issue discovered during:
      Review
    • Sprint:
      EJBCA Happy Fun Sprint (6)

      Description

      To guard against a malicious user using a system command in an external validator, we should have a configurable whitelist of system commands (complete paths) which can be set in external validators.

      What we basically want under System Configuration is a Validators tab (because this is global), and in that tab a text box in which one may enter semicolon-separated command names (such as /var/bin/script.sh;var/bin/otherscript.sh)
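      One way such a check could work, as an added example (not EJBCA's implementation, and not code from this issue): parse the semicolon-separated setting, keep only complete paths, and match the program of a validator command exactly. The function names are hypothetical; paths are compared as strings and symlinks are not resolved.

```python
import posixpath
import shlex


def parse_allowlist(setting):
    """Split the semicolon-separated setting into (accepted paths, rejected entries)."""
    accepted, rejected = set(), []
    for entry in (part.strip() for part in setting.split(";")):
        if not entry:
            continue  # tolerate a trailing or doubled semicolon
        # Only complete, already-normalised paths are accepted: a relative entry
        # would depend on the working directory, and "/a/../b" hides what runs.
        if posixpath.isabs(entry) and posixpath.normpath(entry) == entry:
            accepted.add(entry)
        else:
            rejected.append(entry)
    return frozenset(accepted), rejected


def authorize_command(command_line, allowlist):
    """Return argv for an allowed validator command, or raise PermissionError."""
    try:
        argv = shlex.split(command_line)
    except ValueError as exc:  # e.g. unbalanced quotes
        raise PermissionError(f"unparseable command: {exc}") from exc
    if not argv:
        raise PermissionError("empty command")
    program = argv[0]
    # Exact match on the program path, never a prefix or substring test.
    if program not in allowlist:
        raise PermissionError(f"not in allowlist: {program}")
    # The caller should execute argv directly (no shell), so arguments stay arguments.
    return argv


if __name__ == "__main__":
    # Constructed setting, using the two entries from the description above.
    allowed, rejected = parse_allowlist("/var/bin/script.sh;var/bin/otherscript.sh")
    print("accepted:", sorted(allowed), "rejected:", rejected)
    for cmd in ("/var/bin/script.sh /tmp/cert.pem", "var/bin/otherscript.sh",
                "/var/bin/script.sh;/var/bin/unlisted.sh"):
        try:
            print("run ", authorize_command(cmd, allowed))
        except PermissionError as err:
            print("deny", err)
```

      With the setting from the description, the second entry is rejected at parse time because it is not a complete path.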


              People

              • Assignee:
                anjakobs Andres Jakobs
                Reporter:
                mikek Mike Agrenius Kushner
                Verified by:
                Andres Jakobs, Samuel Lidén Borell

                  Time Tracking

                  Estimated: 2d
                  Remaining: 0m
                  Logged: 2d 2h 1m