Extend whitelist to include parent process path alongside current process path #48
Assignees
Labels
enhancement
New feature or request
Comments
|
Added parent column to Whitelist table WhiteBeamSec/SQL@83fbbeb |
|
Added in WhiteBeam in 880f993. Testing and generating whitelists before closing out this issue. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
There are scenarios where the child runs programs and/or writes files which wouldn't be desirable under most conditions. For example, the development version of WhiteBeam allows 36 programs to be run through bash/dash. We want to be able to allow certain programs to execute when the parent process is getty/sshd, but not allow them when the parent process is (e.g.) php/java. We also want support for
ANYin this field.This issue will require a change to the SQL schema as well as regenerating the Base whitelist as needed.
The text was updated successfully, but these errors were encountered: