Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[task][vm] add remote host to ssh known hosts #1342

Merged
merged 5 commits into from
Jan 7, 2025
Merged

[task][vm] add remote host to ssh known hosts #1342

merged 5 commits into from
Jan 7, 2025
+71 −18

Conversation

pducolin
Copy link
Contributor

@pducolin pducolin commented Jan 6, 2025
edited
Loading

What does this PR do?

Add newly created host to known_hosts file at create-vm time

Which scenarios this will impact?

VMs

Motivation

Required for ADXT-690, as we want less interactions as possible to quickly set up a remote VM for windows development

Additional Notes

Tested it locally:

  1. Create a VM on aws
inv aws.create-vm --no-install-agent
  1. Verified that I could connect without being prompted to add the remote host to known hosts, and that ~/.ssh/known_hosts contained my new host
# known_hosts content
...
10.1.57.39 ssh-rsa <public key>
10.1.57.39 ecdsa-sha2-nistp256 <public key>
10.1.57.39 ssh-ed25519 <public key>
  1. Destroyed the VM
inv aws.destroy-vm
  1. Verified that ~/.ssh/known_hosts did not contain my remote host anymore
# known_hosts content
...

@pducolin pducolin requested a review from a team as a code owner January 6, 2025 16:02
@pducolin pducolin force-pushed the pducolin/ADXT-690-auto-add-known-hosts branch from 7619967 to ee45034 Compare January 6, 2025 16:04
datadog-datadog-prod-us1[bot]
datadog-datadog-prod-us1 bot reviewed Jan 6, 2025
View reviewed changes
integration-tests/invoke_test.go
@@ -103,7 +103,7 @@ func testAwsInvokeVM(t *testing.T, tmpConfigFile string, workingDirectory string
stackName = sanitizeStackName(stackName)

t.Log("creating vm")
createCmd := exec.Command("invoke", "aws.create-vm", "--no-interactive", "--stack-name", stackName, "--config-path", tmpConfigFile, "--use-fakeintake")
createCmd := exec.Command("invoke", "aws.create-vm", "--no-interactive", "--stack-name", stackName, "--config-path", tmpConfigFile, "--use-fakeintake", "--no-add-known-host")
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🟠 Code Vulnerability

Check command call and ensure there is no unsanitized data used. The variable `stackName` may need to be validated (...read more)

In Go, the exec.Command function is used to run external commands. Using this function carelessly can lead to command injection vulnerabilities.

Command injection occurs when untrusted input is passed directly to a system shell, allowing an attacker to execute arbitrary commands. This can result in unauthorized access to the system, data leaks, or other security breaches.

To prevent command injection vulnerabilities when using exec.Command in Go, follow these coding best practices:

  1. Sanitize User Input: Always validate and sanitize user inputs before passing them to exec.Command. Avoid executing commands constructed using user-provided data.
  2. Avoid using Shell Expansion: If possible, pass the command and arguments as separate strings to exec.Command. This prevents the shell from interpreting special characters in a potentially malicious way.
  3. Use Absolute Paths: When specifying the command to be executed, use absolute paths for executables whenever possible. This reduces the risk of inadvertently running a similarly named malicious command from the system's PATH.
  4. Avoid String Concatenation: Refrain from dynamically constructing commands by concatenating strings. Instead, use the arg ...string parameter of exec.Command to pass arguments safely.
  5. Limit Privileges: Run commands with the least privilege required to carry out the task. Avoid running commands with elevated privileges unnecessarily.

By following these practices, you can reduce the risk of command injection vulnerabilities when using exec.Command in Go and enhance the security of your application.

View in Datadog  Leave us feedback  Documentation

@pducolin pducolin mentioned this pull request Jan 6, 2025
Merged
@pducolin pducolin force-pushed the pducolin/ADXT-690-auto-add-known-hosts branch from ee45034 to e5ca966 Compare January 6, 2025 16:41
datadog-datadog-prod-us1[bot]
datadog-datadog-prod-us1 bot reviewed Jan 6, 2025
View reviewed changes
integration-tests/invoke_test.go
@@ -84,7 +84,7 @@ func testAzureInvokeVM(t *testing.T, tmpConfigFile string, workingDirectory stri
stackName = sanitizeStackName(stackName)

t.Log("creating vm")
createCmd := exec.Command("invoke", "az.create-vm", "--no-interactive", "--stack-name", stackName, "--config-path", tmpConfigFile)
createCmd := exec.Command("invoke", "az.create-vm", "--no-interactive", "--stack-name", stackName, "--config-path", tmpConfigFile, "--no-add-known-host")
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🟠 Code Vulnerability

Check command call and ensure there is no unsanitized data used. The variable `stackName` may need to be validated (...read more)

In Go, the exec.Command function is used to run external commands. Using this function carelessly can lead to command injection vulnerabilities.

Command injection occurs when untrusted input is passed directly to a system shell, allowing an attacker to execute arbitrary commands. This can result in unauthorized access to the system, data leaks, or other security breaches.

To prevent command injection vulnerabilities when using exec.Command in Go, follow these coding best practices:

  1. Sanitize User Input: Always validate and sanitize user inputs before passing them to exec.Command. Avoid executing commands constructed using user-provided data.
  2. Avoid using Shell Expansion: If possible, pass the command and arguments as separate strings to exec.Command. This prevents the shell from interpreting special characters in a potentially malicious way.
  3. Use Absolute Paths: When specifying the command to be executed, use absolute paths for executables whenever possible. This reduces the risk of inadvertently running a similarly named malicious command from the system's PATH.
  4. Avoid String Concatenation: Refrain from dynamically constructing commands by concatenating strings. Instead, use the arg ...string parameter of exec.Command to pass arguments safely.
  5. Limit Privileges: Run commands with the least privilege required to carry out the task. Avoid running commands with elevated privileges unnecessarily.

By following these practices, you can reduce the risk of command injection vulnerabilities when using exec.Command in Go and enhance the security of your application.

View in Datadog  Leave us feedback  Documentation

KevinFairise2
KevinFairise2 reviewed Jan 7, 2025
View reviewed changes
tasks/tool.py Outdated Show resolved Hide resolved
tasks/tool.py Outdated Show resolved Hide resolved
@pducolin
Copy link
Contributor Author

pducolin commented Jan 7, 2025

/merge

@dd-devflow
Copy link

dd-devflow bot commented Jan 7, 2025
edited
Loading

Devflow running: /merge

View all feedbacks in Devflow UI.

2025-01-07 16:04:14 UTC ℹ️ MergeQueue: pull request added to the queue

The median merge time in main is 3m.

2025-01-07 16:04:49 UTC ⚠️ MergeQueue: This merge request was unqueued

[email protected] unqueued this merge request

@pducolin
Copy link
Contributor Author

pducolin commented Jan 7, 2025

/merge -c

@pducolin
Copy link
Contributor Author

pducolin commented Jan 7, 2025

/merge

@dd-devflow
Copy link

dd-devflow bot commented Jan 7, 2025
edited
Loading

Devflow running: /merge

View all feedbacks in Devflow UI.

2025-01-07 16:32:42 UTC ℹ️ MergeQueue: pull request added to the queue

The median merge time in main is 3m.

2025-01-07 16:34:35 UTC ℹ️ MergeQueue: This merge request was merged

@dd-mergequeue dd-mergequeue bot merged commit 4372e33 into main Jan 7, 2025
8 checks passed
@dd-mergequeue dd-mergequeue bot deleted the pducolin/ADXT-690-auto-add-known-hosts branch January 7, 2025 16:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@datadog-datadog-prod-us1 datadog-datadog-prod-us1[bot] datadog-datadog-prod-us1[bot] left review comments

@KevinFairise2 KevinFairise2 KevinFairise2 approved these changes

Assignees
No one assigned
Labels
mergequeue-status: done
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@pducolin @KevinFairise2