security: fix reverse shell vulnerability in function library.

2025-12-26 01:33:05 +00:00 · 2025-04-09 09:57:11 +08:00 · 2025-04-09 09:57:11 +08:00 · c0ffc0aaf5
parent 3557ea50fa
commit c0ffc0aaf5
2 changed files with 2 additions and 2 deletions
--- a/apps/common/util/function_code.py
+++ b/apps/common/util/function_code.py
@ -88,7 +88,7 @@ except Exception as e:
            os.system(f"chown {self.user}:{self.user} {exec_python_file}")
        kwargs = {'cwd': BASE_DIR}
        subprocess_result = subprocess.run(
-            ['su', '-c', python_directory + ' ' + exec_python_file, self.user],
+            ['su', '-s', python_directory, '-c', "exec(open('" + exec_python_file + "').read())", self.user],
            text=True,
            capture_output=True, **kwargs)
        os.remove(exec_python_file)
--- a/installer/Dockerfile
+++ b/installer/Dockerfile
@ -70,7 +70,7 @@ RUN chmod 755 /opt/maxkb/app/installer/run-maxkb.sh && \
    useradd --no-create-home --home /opt/maxkb/app/sandbox sandbox -g root && \
    chown -R sandbox:root /opt/maxkb/app/sandbox && \
    chmod g-x /usr/local/bin/* /usr/bin/* /bin/* /usr/sbin/* /sbin/* /usr/lib/postgresql/15/bin/* && \
-    chmod g+x /usr/local/bin/python* /bin/sh
+    chmod g+x /usr/local/bin/python*

 EXPOSE 8080