aura-3.2.6: A secure package manager for Arch Linux and the AUR.
Copyright(c) Colin Woodbury 2012 - 2020
LicenseGPL3
MaintainerColin Woodbury <colin@fosskers.ca>
Safe HaskellNone
LanguageHaskell2010

Aura.Pkgbuild.Security

Description

Analyse PKGBUILDs for potentially malicious bash code.

Synopsis

Documentation

data BannedTerm Source #

A bash term which should never appear in a PKGBUILD. If one does, it's either a sign of maintainer negligence or malicious behaviour.

Constructors

BannedTerm !Text !BanCategory 

Instances

Instances details
Eq BannedTerm Source # 
Instance details

Defined in Aura.Pkgbuild.Security

Methods

(==) :: BannedTerm -> BannedTerm -> Bool #

(/=) :: BannedTerm -> BannedTerm -> Bool #

Ord BannedTerm Source # 
Instance details

Defined in Aura.Pkgbuild.Security

Methods

compare :: BannedTerm -> BannedTerm -> Ordering #

(<) :: BannedTerm -> BannedTerm -> Bool #

(<=) :: BannedTerm -> BannedTerm -> Bool #

(>) :: BannedTerm -> BannedTerm -> Bool #

(>=) :: BannedTerm -> BannedTerm -> Bool #

max :: BannedTerm -> BannedTerm -> BannedTerm #

min :: BannedTerm -> BannedTerm -> BannedTerm #

Show BannedTerm Source # 
Instance details

Defined in Aura.Pkgbuild.Security

Methods

showsPrec :: Int -> BannedTerm -> ShowS #

show :: BannedTerm -> String #

showList :: [BannedTerm] -> ShowS #

Generic BannedTerm Source # 
Instance details

Defined in Aura.Pkgbuild.Security

Associated Types

type Rep BannedTerm :: Type -> Type #

Methods

from :: BannedTerm -> Rep BannedTerm x #

to :: Rep BannedTerm x -> BannedTerm #

type Rep BannedTerm Source # 
Instance details

Defined in Aura.Pkgbuild.Security

type Rep BannedTerm = D1 ('MetaData "BannedTerm" "Aura.Pkgbuild.Security" "aura-3.2.6-6TM9aS6fz388EoCrNAK9d2" 'False) (C1 ('MetaCons "BannedTerm" 'PrefixI 'False) (S1 ('MetaSel ('Nothing :: Maybe Symbol) 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 Text) :*: S1 ('MetaSel ('Nothing :: Maybe Symbol) 'NoSourceUnpackedness 'SourceStrict 'DecidedStrict) (Rec0 BanCategory)))

data BanCategory Source #

The reason why the bash term is black-listed.

Constructors

Downloading 
ScriptRunning 
Permissions 
InlinedBash 
StrangeBashism 
CleverRedirect 

Instances

Instances details
Eq BanCategory Source # 
Instance details

Defined in Aura.Pkgbuild.Security

Methods

(==) :: BanCategory -> BanCategory -> Bool #

(/=) :: BanCategory -> BanCategory -> Bool #

Ord BanCategory Source # 
Instance details

Defined in Aura.Pkgbuild.Security

Methods

compare :: BanCategory -> BanCategory -> Ordering #

(<) :: BanCategory -> BanCategory -> Bool #

(<=) :: BanCategory -> BanCategory -> Bool #

(>) :: BanCategory -> BanCategory -> Bool #

(>=) :: BanCategory -> BanCategory -> Bool #

max :: BanCategory -> BanCategory -> BanCategory #

min :: BanCategory -> BanCategory -> BanCategory #

Show BanCategory Source # 
Instance details

Defined in Aura.Pkgbuild.Security

Methods

showsPrec :: Int -> BanCategory -> ShowS #

show :: BanCategory -> String #

showList :: [BanCategory] -> ShowS #

parsedPB :: Pkgbuild -> Maybe List Source #

Attempt to parse a PKGBUILD. Should succeed for all reasonable PKGBUILDs.

bannedTerms :: List -> [(ShellCommand, BannedTerm)] Source #

Discover any banned terms lurking in a parsed PKGBUILD, paired with the surrounding context lines.

reportExploit :: BannedTerm -> Language -> Doc AnsiStyle Source #

Dispatch different error messages depending on the category of a BannedTerm.