6.15.1 Command-execution permission definition file
- Organization of this subsection
(1) Format
-
Specify regular expressions that accept strings to be checked, using a linefeed as a delimiter.
-
The available character code is UTF-8 only.
-
Empty string lines are ignored.
-
The coding format of regular expressions complies with the java.util.regex.Pattern class specification.
(2) Function
Specifies, in regular expressions, the combination of an external command and command line arguments that can be executed by a command adapter.
When a request is sent to a command adapter, the command adapter checks the strings specified in the request message based on the regular expressions specified in the command-execution permission definition file. Each string consists of an external command and command line arguments concatenated with halfwidth spaces.
To create a command-execution permission definition file:
-
Confirm the file path to the commands that the command adapter is permitted to execute, and the specification of command line arguments that can be specified.
-
Create regular expressions that accept the strings to be checked, and then code the regular expressions in the file.
-
Store the created command-execution permission definition file in any location and with any file name.
- Important note
-
To enable the command-execution permission definition file, specify the path of this file for the adpcmd.config.command.allow-file-path property of the command-adapter runtime-environment properties file.
(3) Example of coding
The following is an example of coding of the command-execution permission definition file.
/bin/ls(?: -l)? /usr/share/product/bin/[^ /]+.sh[^&|<>]*
(4) Note
Appropriately specify the regular expressions that accept strings corresponding to external commands and command line arguments. Especially, if the following prerequisites must be satisfied when the system is designed, you can prevent security risks by suppressing the startup of processes not intended by system administrators:
-
Adapters can be directly invoked without using a business process (when the standard reception is active).
-
Values from an end user's requester are directly mapped to a request message of a command adapter in a business process.
- Reference note
-
The following are examples of inappropriate regular expressions.
-
Expressions that accept any character string (for example, .+ and .*).
Startup of unintended processes cannot be prevented.
-
Special characters that have meaning of execution control in shells or command prompts (for example, &, |, >, and <)
Startup of an unintended process specified in a command line argument cannot be prevented.
-