valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-06 01:25:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add transactions to the pragma/actions authorizer allow list (#7029)

Browse Source 
Add transaction to the authorizer allow list. Users may use transactions to manage temp tables.
This commit is contained in:
seph 2021-03-28 16:17:31 -04:00 committed by GitHub
parent 91ad4bc63a
commit 6b63975f14
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
osquery/sql/sqlite_util.h
View File

@ -53,7 +53,7 @@ const std::unordered_set<int> kAllowedSQLiteActionCodes = {
SQLITE_CREATE_VTABLE,
SQLITE_DROP_VTABLE,
// Users may sometimes want to create tables and views
// Users may create tables and views
SQLITE_CREATE_VIEW,
SQLITE_DROP_VIEW,
SQLITE_CREATE_TABLE,
@ -68,9 +68,13 @@ const std::unordered_set<int> kAllowedSQLiteActionCodes = {
// Required for recursive queries
SQLITE_RECURSIVE,
// Allow transactions. These are used by people to manage tmp tables
SQLITE_TRANSACTION,
};
// Allowlist of SQLite pragmas. Any pragma not in this set is denied.
// Allowlist of SQLite pragmas. Any pragma not in this set is
// denied. See possible values in https://sqlite.org/pragma.html
const std::unordered_set<std::string> kAllowedSQLitePragmas = {
"table_info",
"table_xinfo",