Fix vtysh shell-ingestion security issue #7759

Merged
merged 1 commit into from
Jun 28, 2021

Collaborator

@xumia xumia commented May 31, 2021

Why I did it

Fix vtysh shell-ingestion security issue
Only expose the limited parameters of the command vtysh show.

How I did it

How to verify it

Which release branch to backport (provide reason below if selected)

  • 201811
  • 201911
  • 202006
  • 202012

Description for the changelog


Collaborator

@qiluo-msft qiluo-msft left a comment

Offline discussed.

@xumia xumia force-pushed the readonly-vtysh-2 branch from f231bbf to 5c9c6eb Compare June 21, 2021 05:51
@xumia xumia requested a review from yxieca June 21, 2021 06:48
Collaborator Author

xumia commented Jun 21, 2021

@yxieca, could you please help review the PR? We only find some impacts by the change, and add the relative commands for vtysh to reduce the impact.

@xumia xumia merged commit 5c503b8 into sonic-net:master Jun 28, 2021
@xumia xumia deleted the readonly-vtysh-2 branch June 28, 2021 01:57
Collaborator Author

xumia commented Jun 28, 2021

@qiluo-msft, request to merge the PR to the 202012 branch.

qiluo-msft pushed a commit that referenced this pull request Jun 28, 2021
Fix vtysh shell-ingestion security issue
Only expose the limited parameters of the command vtysh show.
carl-nokia pushed a commit to carl-nokia/sonic-buildimage that referenced this pull request Aug 7, 2021
Fix vtysh shell-ingestion security issue
Only expose the limited parameters of the command vtysh show.