Pulse/cmd/pulse-sensor-proxy
rcourtman 3a6a4fd362 security: fix SSH command injection vulnerabilities in pulse-sensor-proxy
CRITICAL security fixes for pulse-sensor-proxy:

1. Strengthened hostname validation regex:
   - Now requires hostnames to start with alphanumeric character
   - Prevents SSH option injection via hostnames starting with '-'
   - Pattern: ^[a-zA-Z0-9][a-zA-Z0-9._-]{0,63}$ (1-64 chars total)
   - Added IPv4 and IPv6 validation regexes for future use

2. Added validation to vulnerable V1 RPC handlers:
   - handleGetTemperature: Now validates node parameter before SSH
   - handleRegisterNodes: Now validates discovered cluster nodes
   - Previously these handlers passed unsanitized input directly to SSH

3. Defense in depth:
   - V2 handlers already had validation (now using improved regex)
   - Multiple layers of protection against malicious node identifiers
   - Validation prevents container from passing SSH options as hostnames

Without these fixes, a compromised container could potentially inject SSH
options by providing malicious node names, though the 'root@' prefix
provided some mitigation.

Addresses high-severity finding from security audit.
2025-10-19 16:28:38 +00:00
..
auth.go Automate sensor proxy container mount and auth 2025-10-14 12:41:48 +00:00
auth_test.go Automate sensor proxy container mount and auth 2025-10-14 12:41:48 +00:00
cleanup.go feat: add comprehensive node cleanup system 2025-10-17 18:53:45 +00:00
config.go Automate sensor proxy container mount and auth 2025-10-14 12:41:48 +00:00
main.go security: fix SSH command injection vulnerabilities in pulse-sensor-proxy 2025-10-19 16:28:38 +00:00
metrics.go refactor: Rename pulse-temp-proxy to pulse-sensor-proxy 2025-10-13 13:17:05 +00:00
ssh.go feat: add comprehensive node cleanup system 2025-10-17 18:53:45 +00:00
throttle.go refactor: Rename pulse-temp-proxy to pulse-sensor-proxy 2025-10-13 13:17:05 +00:00
validation.go security: fix SSH command injection vulnerabilities in pulse-sensor-proxy 2025-10-19 16:28:38 +00:00