Page MenuHomePhabricator

Create a whitelist of commands which HHVM may execute
Closed, DeclinedPublic

Description

If we were to set hhvm.server.whitelist_exec = true, HHVM would only allow shelling out to whatever commands we specify are permissible in hhvm.server.allowed_exec_cmds. This seems like a good security feature, so we should use it.

Event Timeline

ori assigned this task to csteipp.
ori raised the priority of this task from to Low.
ori updated the task description. (Show Details)
ori added a project: Security-Core.
ori added a subscriber: ori.

That makes a lot of sense to me. Do we have enough logging in production that we would spot violations if we missed a legitimate command?

Aklapper added a subscriber: csteipp.
MaxSem added a subscriber: MaxSem.

We're ditching HHVM soon.