kemko/nomad
1
0
Fork 0
mirror of https://github.com/kemko/nomad.git synced 2026-01-01 16:05:42 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
110d93ab25ae1c2f3711fd925951cef2af767277
nomad/drivers/shared/executor
History
Tim Gross 110d93ab25 windows: remove LazyDLL calls for system modules (#19925) 
On Windows, Nomad uses `syscall.NewLazyDLL` and `syscall.LoadDLL` functions to
load a few system DLL files, which does not prevent DLL hijacking
attacks. Hypothetically a local attacker on the client host that can place an
abusive library in a specific location could use this to escalate privileges to
the Nomad process. Although this attack does not fall within the Nomad security
model, it doesn't hurt to follow good practices here.

We can remove two of these DLL loads by using wrapper functions provided by the
stdlib in `x/sys/windows`

Co-authored-by: dduzgun-security <deniz.duzgun@hashicorp.com>
2024-02-09 08:47:48 -05:00
..
procstats
ci: run linter in ./api package (#19513)
2023-12-19 15:59:47 -05:00
proto
drivers/raw_exec: remove plumbing for ineffective no_cgroups configuration (#19599)
2024-01-11 08:20:15 -06:00
test-resources/busybox
tests: busybox only depends on arch
2019-01-07 08:36:32 -05:00
exec_utils.go
[COMPLIANCE] Add Copyright and License Headers
2023-04-10 15:36:59 +00:00
executor_basic.go
deps: upgrade to go-set/v2 (#18638)
2023-10-05 11:56:17 -05:00
executor_linux_test.go
Add OOM detection for exec driver (#19563)
2024-01-03 09:50:27 -06:00
executor_linux.go
Add OOM detection for exec driver (#19563)
2024-01-03 09:50:27 -06:00
executor_plugin.go
drivers: plumb hardware topology via grpc into drivers (#18504)
2023-09-18 08:58:07 -05:00
executor_test.go
drivers: plumb hardware topology via grpc into drivers (#18504)
2023-09-18 08:58:07 -05:00
executor_universal_linux_test.go
drivers/raw_exec: enable configuring raw_exec task to have no memory limit (#19670)
2024-01-09 14:57:13 -06:00
executor_universal_linux.go
drivers/raw_exec: enable configuring raw_exec task to have no memory limit (#19670)
2024-01-09 14:57:13 -06:00
executor_unix.go
numa: enable numa topology detection (#18146)
2023-08-10 17:05:30 -05:00
executor_windows.go
windows: remove LazyDLL calls for system modules (#19925)
2024-02-09 08:47:48 -05:00
executor.go
drivers/raw_exec: remove plumbing for ineffective no_cgroups configuration (#19599)
2024-01-11 08:20:15 -06:00
grpc_client.go
drivers/raw_exec: remove plumbing for ineffective no_cgroups configuration (#19599)
2024-01-11 08:20:15 -06:00
grpc_server.go
drivers/raw_exec: remove plumbing for ineffective no_cgroups configuration (#19599)
2024-01-11 08:20:15 -06:00
libcontainer_nsenter_linux.go
[COMPLIANCE] Add Copyright and License Headers
2023-04-10 15:36:59 +00:00
plugins.go
drivers: plumb hardware topology via grpc into drivers (#18504)
2023-09-18 08:58:07 -05:00
pty_unix.go
[COMPLIANCE] Add Copyright and License Headers
2023-04-10 15:36:59 +00:00
pty_windows.go
[COMPLIANCE] Add Copyright and License Headers
2023-04-10 15:36:59 +00:00
resource_container_default.go
[COMPLIANCE] Add Copyright and License Headers
2023-04-10 15:36:59 +00:00
utils_test.go
[COMPLIANCE] Add Copyright and License Headers
2023-04-10 15:36:59 +00:00
utils_unix.go
[COMPLIANCE] Add Copyright and License Headers
2023-04-10 15:36:59 +00:00
utils_windows.go
[COMPLIANCE] Add Copyright and License Headers
2023-04-10 15:36:59 +00:00
utils.go
Add OOM detection for exec driver (#19563)
2024-01-03 09:50:27 -06:00
z_executor_cmd.go
drivers: plumb hardware topology via grpc into drivers (#18504)
2023-09-18 08:58:07 -05:00