Tranquil IT Forum

Contact us
at https://forum.tranquil.it/

security and command block

https://forum.tranquil.it/viewtopic.php?t=4041

Page 1 of 1

security and command block

Published: September 27, 2024 - 11:24 AM
by guigeek
Hello,
for security reasons, we would like to block the "cmd" command for standard users.
However, wapt uses it as a user account for all session setup.
Is there an alternative?
Thank you for your help!
Have a good day,
Guillaume

Re: Security and cmd blocking

Published: October 11, 2024 - 1:31 PM
by guigeek
Person ?

Re: Security and cmd blocking

Published: October 11, 2024 - 1:48 PM
by sfonteneau
Oops, sorry, your message seems to have slipped through the cracks.

After a quick look, it's mainly the `run` function that calls `cmd`. Blocking `cmd` shouldn't be a problem the rest of the time.
You just shouldn't run `run` in the session setup.

Re: Security and cmd blocking

Published: October 11, 2024 - 2:41 PM
by dcardon
Hi again Guillaume,

you can call `subprocess.check_output('cmd',shell=False)` which should prevent launching `cmd` commands in session setup.

Regards,

Denis

Re: Security and cmd blocking

Published: October 16, 2024 - 8:25 AM
by guigeek
Thank you, I'll try that!
Time zone set to UTC+02:00
Page 1 of 1

Developed by phpBB® Forum Software © phpBB Limited

Official French translation © Qiaeru