Since `run_path` executes Python scripts in the given Python file, what will be our security model to prevent someone from targeting predicate policies as a way to execute malicious code?
The policies will be managed by administrators and the case may be similar to "admins have super access anyway". But consider a scenario where predicate is set up in CI/CD to deploy policies: anyone with push access to that pipeline can add a new policy file to trigger custom code inside the CI runtime. Or maybe just trick policy admins into testing a custom policy file and pwn their machine.
Are there other secure alternatives to `run_path`?
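
One way to gate what reaches `run_path` in a CI job, shown as an added example that is not part of the original issue or the project's code: parse each policy file with `ast` (which never executes it) and reject anything outside a small allowlist. The module name `policy_dsl`, the banned-name list and both sample policies are assumptions constructed for illustration; the check narrows what reaches `run_path`, it does not sandbox it.

```python
import ast

# Assumption: policy files only need the policy DSL; "policy_dsl" is a hypothetical name.
ALLOWED_IMPORTS = {"policy_dsl"}
# Builtins that give a policy file a route to dynamic code, file I/O or introspection.
BANNED_NAMES = {"exec", "eval", "compile", "open", "__import__", "getattr",
                "setattr", "globals", "locals", "vars", "breakpoint", "input"}

def vet_policy_source(source, filename="<policy>"):
    """Statically check policy source. Returns findings sorted by line;
    an empty list means the file passed. The source is parsed, never run."""
    try:
        tree = ast.parse(source, filename=filename)
    except SyntaxError as exc:
        return [f"{filename}:{exc.lineno}: syntax error: {exc.msg}"]
    found = []
    for node in ast.walk(tree):
        line = getattr(node, "lineno", 0)
        if isinstance(node, ast.Import):
            mods = [alias.name for alias in node.names]
        elif isinstance(node, ast.ImportFrom):
            # level > 0 is a relative import, which could pull in sibling files
            mods = ["<relative>"] if node.level else [node.module]
        else:
            mods = []
        for mod in mods:
            if mod.split(".")[0] not in ALLOWED_IMPORTS:
                found.append((line, f"import of '{mod}' is not allowlisted"))
        if isinstance(node, ast.Name) and node.id in BANNED_NAMES:
            found.append((line, f"use of builtin '{node.id}'"))
        if isinstance(node, ast.Attribute) and node.attr.startswith("__"):
            found.append((line, f"dunder attribute '{node.attr}'"))
    return [f"{filename}:{line}: {msg}" for line, msg in sorted(found)]

# Constructed sample inputs, not real policies.
GOOD_POLICY = 'from policy_dsl import Policy\n\nclass Dev:\n    p = Policy(name="dev")\n'
BAD_POLICY = 'import subprocess\nx = eval("1+1")\ny = ().__class__\n'

if __name__ == "__main__":
    for name, src in (("good.py", GOOD_POLICY), ("bad.py", BAD_POLICY)):
        findings = vet_policy_source(src, name)
        print(name, "OK" if not findings else "REJECTED")
        for finding in findings:
            print("  " + finding)
```
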