Merge "Adding missing docs"
This commit is contained in:
commit
535fdf618c
|
@ -1,27 +1,57 @@
|
||||||
|
|
||||||
password_config_option_not_marked_secret
|
password_config_option_not_marked_secret
|
||||||
==============================================
|
========================================
|
||||||
|
|
||||||
Description
|
Description
|
||||||
-----------
|
-----------
|
||||||
|
Passwords are sensitive and must be protected appropriately. In OpenStack
|
||||||
|
Oslo there is an option to mark options "secret" which will ensure that they
|
||||||
|
are not logged. This plugin detects usages of oslo configuration functions
|
||||||
|
that appear to deal with strings ending in 'password' and flag usages where
|
||||||
|
they have not been marked secret.
|
||||||
|
|
||||||
|
If such a value is found a MEDIUM severity error is generated. If 'False' or
|
||||||
|
'None' are explicitly set, Bandit will return a MEDIUM confidence issue. If
|
||||||
|
Bandit can't determine the value of secret it will return a LOW confidence
|
||||||
|
issue.
|
||||||
|
|
||||||
Available Since
|
Available Since
|
||||||
---------------
|
---------------
|
||||||
- Bandit v?.?.?
|
- Bandit v0.10.0
|
||||||
|
|
||||||
Config Options
|
Config Options
|
||||||
--------------
|
--------------
|
||||||
.. code-block:: yaml
|
.. code-block:: yaml
|
||||||
|
|
||||||
password_config_option_not_marked_secret:
|
password_config_option_not_marked_secret:
|
||||||
- ????????
|
function_names:
|
||||||
|
- oslo.config.cfg.StrOpt
|
||||||
|
- oslo_config.cfg.StrOpt
|
||||||
|
|
||||||
Sample Output
|
Sample Output
|
||||||
-------------
|
-------------
|
||||||
??
|
.. code-block:: none
|
||||||
|
|
||||||
|
>> Issue: [password_config_option_not_marked_secret] oslo config option
|
||||||
|
possibly not marked secret=True identified.
|
||||||
|
Severity: Medium Confidence: Low
|
||||||
|
Location: examples/secret-config-option.py:12
|
||||||
|
11 help="User's password"),
|
||||||
|
12 cfg.StrOpt('nova_password',
|
||||||
|
13 secret=secret,
|
||||||
|
14 help="Nova user password"),
|
||||||
|
15 ]
|
||||||
|
|
||||||
|
>> Issue: [password_config_option_not_marked_secret] oslo config option not
|
||||||
|
marked secret=True identifed, security issue.
|
||||||
|
Severity: Medium Confidence: Medium
|
||||||
|
Location: examples/secret-config-option.py:21
|
||||||
|
20 help="LDAP ubind ser name"),
|
||||||
|
21 cfg.StrOpt('ldap_password',
|
||||||
|
22 help="LDAP bind user password"),
|
||||||
|
23 cfg.StrOpt('ldap_password_attribute',
|
||||||
|
|
||||||
References
|
References
|
||||||
----------
|
----------
|
||||||
- https://security.openstack.org/guidelines/dg_protect-sensitive-data-in-files.html
|
- https://security.openstack.org/guidelines/dg_protect-sensitive-data-in-files.html
|
||||||
|
- http://docs.openstack.org/developer/oslo.config/cfg.html#special-handling-instructions
|
||||||
|
|
|
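Review bot: the description reads "This plugin detects usages ... and flag usages where they have not been marked secret"; the verb should agree with "detects", so "and flags usages". Two smaller points in the same hunk: "the value of secret" would be clearer as "the value of ``secret``" since it names the keyword argument, and the sample output says "identifed" (sic). If that spelling is copied from the plugin's actual issue text, fix it in the plugin and regenerate the sample rather than hand-editing the docs, so the two stay in sync.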
@ -1,25 +1,38 @@
|
||||||
|
|
||||||
request_with_no_cert_validation
|
request_with_no_cert_validation
|
||||||
==============================================
|
===============================
|
||||||
|
|
||||||
Description
|
Description
|
||||||
-----------
|
-----------
|
||||||
|
Encryption in general is typically critical to the security of many
|
||||||
|
applications. Using TLS can greatly increase security by guaranteeing the
|
||||||
|
identity of the party you are communicating with. This is accomplished by one
|
||||||
|
or both parties presenting trusted certificates during the connection
|
||||||
|
initialization phase of TLS.
|
||||||
|
|
||||||
|
When request methods are used certificates are validated automatically which is
|
||||||
|
the desired behavior. If certificate validation is explicitly turned off
|
||||||
|
Bandit will return a HIGH severity error.
|
||||||
|
|
||||||
Available Since
|
Available Since
|
||||||
---------------
|
---------------
|
||||||
- Bandit v?.?.?
|
- Bandit v0.9.0
|
||||||
|
|
||||||
Config Options
|
Config Options
|
||||||
--------------
|
--------------
|
||||||
.. code-block:: yaml
|
None
|
||||||
|
|
||||||
request_with_no_cert_validation:
|
|
||||||
- ????????
|
|
||||||
|
|
||||||
|
|
||||||
Sample Output
|
Sample Output
|
||||||
-------------
|
-------------
|
||||||
??
|
.. code-block:: none
|
||||||
|
|
||||||
|
>> Issue: [request_with_no_cert_validation] Requests call with verify=False
|
||||||
|
disabling SSL certificate checks, security issue.
|
||||||
|
Severity: High Confidence: High
|
||||||
|
Location: examples/requests-ssl-verify-disabled.py:4
|
||||||
|
3 requests.get('https://gmail.com', verify=True)
|
||||||
|
4 requests.get('https://gmail.com', verify=False)
|
||||||
|
5 requests.post('https://gmail.com', verify=True)
|
||||||
|
|
||||||
References
|
References
|
||||||
----------
|
----------
|
||||||
|
|
|
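Review bot: the References section is left empty in this hunk, which renders as a heading with nothing under it; either add a reference (the ``requests`` documentation on SSL certificate verification is the obvious candidate, as the sample output already names ``verify=False``) or drop the heading until there is one. Also, "When request methods are used certificates are validated automatically" is ambiguous between HTTP request methods and the ``requests`` library; since the plugin is specifically about ``requests`` calls, say so, for example "When the ``requests`` library is used, certificates are validated by default".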
@ -4,24 +4,73 @@ start_process_with_no_shell
|
||||||
|
|
||||||
Description
|
Description
|
||||||
-----------
|
-----------
|
||||||
|
Python possesses many mechanisms to invoke an external executable. However,
|
||||||
|
doing so may present a security issue if appropriate care is not taken to
|
||||||
|
sanitize any user provided or variable input.
|
||||||
|
|
||||||
|
This plugin test is part of a family of tests built to check for process
|
||||||
|
spawning and warn appropriately. Specifically, this test looks for the spawning
|
||||||
|
of a subprocess in a way that doesn't use a shell. Although this is generally
|
||||||
|
safe, it maybe useful for penetration testing workflows to track where external
|
||||||
|
system calls are used. As such a LOW severity message is generated.
|
||||||
|
|
||||||
|
See also:
|
||||||
|
|
||||||
|
- :doc:`linux_commands_wildcard_injection`.
|
||||||
|
- :doc:`subprocess_without_shell_equals_true`.
|
||||||
|
- :doc:`start_process_with_a_shell`.
|
||||||
|
- :doc:`start_process_with_partial_path`.
|
||||||
|
- :doc:`subprocess_popen_with_shell_equals_true`.
|
||||||
|
|
||||||
Available Since
|
Available Since
|
||||||
---------------
|
---------------
|
||||||
- Bandit v?.?.?
|
- Bandit v0.10.0
|
||||||
|
|
||||||
Config Options
|
Config Options
|
||||||
--------------
|
--------------
|
||||||
|
This plugin test shares a configuration with others in the same family, namely
|
||||||
|
`shell_injection`. This configuration is divided up into three sections,
|
||||||
|
`subprocess`, `shell` and `no_shell`. They each list Python calls that spawn
|
||||||
|
subprocesses, invoke commands within a shell, or invoke commands without a
|
||||||
|
shell (by replacing the calling process) respectively.
|
||||||
|
|
||||||
|
This plugin specifically scans for methods listed in `no_shell` section.
|
||||||
|
|
||||||
.. code-block:: yaml
|
.. code-block:: yaml
|
||||||
|
|
||||||
start_process_with_no_shell:
|
shell_injection:
|
||||||
- ????????
|
no_shell:
|
||||||
|
- os.execl
|
||||||
|
- os.execle
|
||||||
|
- os.execlp
|
||||||
|
- os.execlpe
|
||||||
|
- os.execv
|
||||||
|
- os.execve
|
||||||
|
- os.execvp
|
||||||
|
- os.execvpe
|
||||||
|
- os.spawnl
|
||||||
|
- os.spawnle
|
||||||
|
- os.spawnlp
|
||||||
|
- os.spawnlpe
|
||||||
|
- os.spawnv
|
||||||
|
- os.spawnve
|
||||||
|
- os.spawnvp
|
||||||
|
- os.spawnvpe
|
||||||
|
- os.startfile
|
||||||
Sample Output
|
Sample Output
|
||||||
-------------
|
-------------
|
||||||
??
|
.. code-block:: none
|
||||||
|
|
||||||
|
>> Issue: [start_process_with_no_shell] Starting a process without a shell.
|
||||||
|
Severity: Low Confidence: Medium
|
||||||
|
Location: examples/os-spawn.py:8
|
||||||
|
7 os.spawnv(mode, path, args)
|
||||||
|
8 os.spawnve(mode, path, args, env)
|
||||||
|
9 os.spawnvp(mode, file, args)
|
||||||
|
|
||||||
References
|
References
|
||||||
----------
|
----------
|
||||||
- https://security.openstack.org/guidelines/dg_use-subprocess-securely.html
|
- https://security.openstack.org
|
||||||
|
- https://docs.python.org/2/library/os.html#os.system
|
||||||
|
- https://docs.python.org/2/library/subprocess.html#frequently-used-arguments
|
||||||
|
- https://security.openstack.org/guidelines/dg_use-subprocess-securely.html
|
||||||
|
|
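Review bot: the Config Options text says ``no_shell`` lists calls that "invoke commands without a shell (by replacing the calling process)", but that parenthetical only describes the ``os.exec*`` family; the ``os.spawn*`` calls in the same list create a new process and return, and ``os.startfile`` opens a file with its associated application. Drop the parenthetical or limit it to the exec calls. Three smaller items: "it maybe useful" should be "it may be useful"; "listed in `no_shell` section" needs "the"; and the YAML block needs a blank line after ``- os.startfile`` before the "Sample Output" heading, otherwise docutils reports an unexpected unindent. Finally, the ``os.system`` reference is odd for a no-shell plugin since ``os.system`` always goes through a shell; the ``os.exec*``/``os.spawn*`` docs would be the relevant link, and linking the Python 3 docs rather than ``/2/`` is worth considering.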