Fix exec.LookPath for malcontent #1216

Merged
merged 1 commit into from
Sep 30, 2024


@egibs egibs commented Sep 30, 2024

This PR corrects the exec.LookPath when looking for malcontent, which is installed as mal in the SDK image:

/ # mal --help
NAME:
   malcontent - Detect malicious program behaviors

USAGE:
   mal <flags> [diff, scan] <path>

VERSION:
   v1.0.1

COMMANDS:
   analyze  fully interrogate a path
   diff     scan and diff two paths
   scan     tersely scan a path and return findings of the highest severity
   help, h  Shows a list of commands or help for one command

GLOBAL OPTIONS:
   --all                      Ignore nothing within a provided scan path (default: false)
   --err-first-miss           Exit with error if scan source has no matching capabilities (default: false)
   --err-first-hit            Exit with error if scan source has matching capabilities (default: false)
   --format value             Output format (json, markdown, simple, terminal, yaml) (default: "auto")
   --ignore-self              Ignore the malcontent binary (default: true)
   --ignore-tags value        Rule tags to ignore
   --include-data-files       Include files that are detected as non-program (binary or source) files (default: false)
   --jobs value, -j value     Concurrently scan files within target scan paths (default: 12)
   --min-file-level value     Obsoleted by --min-file-risk (default: -1)
   --min-file-risk value      Only show results for files which meet the given risk level (any, low, medium, high, critical) (default: "low")
   --min-level value          Obsoleted by --min-risk (default: -1)
   --min-risk value           Only show results which meet the given risk level (any, low, medium, high, critical) (default: "low")
   --output value, -o value   Write output to specified file instead of stdout
   --profile, -p              Generate profile and trace files (default: false)
   --quantity-increases-risk  Increase file risk score based on behavior quantity (default: true)
   --stats, -s                Show scan statistics (default: false)
   --third-party              Include third-party rules which may have licensing restrictions (default: true)
   --verbose                  Emit verbose logging messages to stderr (default: false)
   --help, -h                 show help
   --version, -v              print the version

This is required for updating the SDK image digest in wolfi-dev/os.

@imjasonh imjasonh merged commit 8f6fc7a into wolfi-dev:main Sep 30, 2024
3 checks passed