Commit 58b6f73
fix: expand deny rules and harden hook regex for rm and pipe-to-shell bypasses
Deny rules previously only blocked `rm -rf` and `rm -fr` (lowercase, combined
flags only). All other flag forms bypassed both security layers silently.
Expand deny rules to cover:
- All case combinations of combined short flags: -Rf, -rF, -RF, -fR, -Fr, -FR
- All orderings of separated short flags: -r -f, -r -F, -R -f, -R -F and
their reverses (-f -r, -f -R, -F -r, -F -R)
- GNU long-form flags: --recursive, --recursive --force, --force --recursive
- Pipe-to-shell via sh and zsh: * | sh, * | zsh
- Process substitution: bash <(curl *)
- Spaced pipe variant for existing rules: curl *| bash*, wget *| bash*
Harden PreToolUse hook regex:
- Old regex required combined lowercase flags only (-rf / -fr pattern)
- New regex uses three chained case-insensitive grep checks:
1. Confirm rm is the actual command (not a substring of another word or arg)
2. Detect any recursive flag (-r, -R, -[flags]r, --recursive)
3. Detect any force flag (-f, -F, -[flags]f, --force)
- Handles commands chained with ; && || |
- Verified against 25 test cases (19 must-block, 6 must-allow)
1 parent df8374d
commit 58b6f73
1 file changed
Lines changed: 24 additions & 2 deletions
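Added example, not the project's own hook script (whose contents are not shown on this page): a POSIX sh check that mirrors the three chained case-insensitive grep checks and the `; && || |` segment handling described in the commit message. The sample commands are constructed, and the handling of a `sudo` or path prefix before `rm` is an assumption beyond what the message states.

```shell
#!/bin/sh
# Added example of the three-check approach; exit 0 means "block", 1 means "allow".

# Checks one command segment (no ; && || | inside it).
rm_segment_is_dangerous() {
  seg=$1
  # 1. rm must be the command word itself (assumption: allow a sudo or path prefix),
  #    so "rmdir", "grep rm -rf" or rm inside an argument string do not match.
  printf '%s\n' "$seg" \
    | grep -Eiq '^[[:space:]]*(sudo[[:space:]]+)?([^[:space:]]*/)?rm([[:space:]]|$)' || return 1
  # 2. Any recursive flag: -r, -R, bundled (-Rf, -fr, -vR) or --recursive.
  printf '%s\n' "$seg" \
    | grep -Eiq '(^|[[:space:]])(-[a-zA-Z]*r[a-zA-Z]*|--recursive)([[:space:]]|$)' || return 1
  # 3. Any force flag: -f, -F, bundled (-rf, -fR) or --force, in any position.
  printf '%s\n' "$seg" \
    | grep -Eiq '(^|[[:space:]])(-[a-zA-Z]*f[a-zA-Z]*|--force)([[:space:]]|$)' || return 1
  return 0
}

# Splits a full command line on ; && || | and blocks if any segment is dangerous.
is_dangerous_rm() {
  printf '%s\n' "$1" \
    | awk '{ gsub(/[ \t]*(;|&&|[|][|]|[|])[ \t]*/, "\n"); print }' \
    | ( while IFS= read -r seg; do
          rm_segment_is_dangerous "$seg" && exit 0
        done
        exit 1 )
}

# Constructed sample commands: the first group must be blocked, the second allowed.
for c in 'rm -rf /tmp/x' 'rm -Rf dir' 'rm -r -F dir' 'rm --recursive --force dir' \
         'echo done && sudo /bin/rm -fR dir' 'rm -r dir -f'; do
  is_dangerous_rm "$c" && echo "BLOCK  $c" || echo "MISSED $c"
done
for c in 'rm -r dir' 'rm -f file' 'rmdir -p foo' 'ls -l | grep rm -rf'; do
  is_dangerous_rm "$c" && echo "FALSE+ $c" || echo "ALLOW  $c"
done
```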
Diff (the rendered table carried only line-number columns and +/- markers; the changed lines themselves were not captured): two regions of the single file changed. In the first, new lines 16-32, 37 and 39-42 were added between old lines 15 and 21. In the second, old lines 56 and 60 were each replaced by one new line (new 78 and 82).
0 commit comments