package-analysis icon indicating copy to clipboard operation
package-analysis copied to clipboard
verified publisher icon ossf

Detect environment variable accesses

Open oliverchang opened this issue 4 years ago • 2 comments

This isn't supported by Falco/sysdig, and would require some kind of userspace/libc interception.

oliverchang avatar Apr 26 '21 07:04 oliverchang

Doing this via dynamic analysis will be hard as it requires instrumenting various runtimes to intercept the request.

This is quicker achieved by using static analysis.

However, eventually we may want dynamic analysis support as it will still detect access from obfuscated code.

calebbrown avatar Dec 21 '22 00:12 calebbrown

Depends on #519

maxfisher-g avatar Dec 21 '22 00:12 maxfisher-g