Acme-Claude-Shell


t/03-dangerous-patterns.t  view on Meta::CPAN

#!/usr/bin/env perl
use 5.020;
use strict;
use warnings;
use Test::More;

# Exercise the dangerous-command pattern detection associated with Tools.pm.
#
# NOTE(review): the stated intent is to reach the module's internal,
# unexported _check_dangerous function through its package namespace. What
# this file actually does is confirm that the module loads (use_ok) and then
# run every assertion against the local @DANGEROUS_PATTERNS list and
# check_dangerous sub defined further down in this file. A change to the
# module's own patterns is therefore not caught by these tests; confirm
# whether the module's function can be called directly instead.

use_ok('Acme::Claude::Shell::Tools');

# Switching into the module's package and straight back to main has no
# effect here: no statement runs while the module's package is current.
package Acme::Claude::Shell::Tools;

package main;

# Local copy of the deny-list, defined here for testing purposes and meant to
# be the same as the module's list. Nothing in this file keeps the two in
# sync, so the copy has to be updated by hand whenever the module changes.
#
# Each entry is a hashref with two keys:
#   pattern - compiled regex matched against the raw command string
#   reason  - human-readable explanation shown for a match
#
# These are textual heuristics over the command line, not a parse of it: a
# match means "ask before running", and the absence of a match says nothing
# about whether a command is safe. Treat the list as a prompt aid rather
# than as a security boundary.
my @DANGEROUS_PATTERNS = map { +{ pattern => $_->[0], reason => $_->[1] } } (
    # /i makes the short flags case-insensitive, so -R and -F match as well.
    [ qr/\brm\s+(-[rf]+|--recursive|--force)/i,
      'Recursive or forced file deletion' ],

    # Word boundaries keep longer words such as "sudoku" from matching.
    [ qr/\bsudo\b/,
      'Superuser command' ],

    [ qr/\bmkfs\b/,
      'Filesystem formatting' ],

    [ qr/\bdd\b.*\bof=/,
      'Direct disk write' ],

    [ qr/>\s*\/dev\//,
      'Writing to device file' ],

    [ qr/\bchmod\s+(-R\s+)?777\b/,
      'World-writable permissions' ],

    [ qr/\bchown\s+-R\b.*\//,
      'Recursive ownership change' ],

    [ qr/\bkill\s+-9\b/,
      'Forceful process termination' ],

    [ qr/\b(reboot|shutdown|halt|poweroff)\b/,
      'System shutdown/reboot' ],

    # Matches the bare word anywhere in the command, so this entry is broad.
    [ qr/\bformat\b/,
      'Disk formatting' ],

    [ qr/:\s*\(\s*\)\s*\{\s*:\s*\|\s*:\s*&\s*\}\s*;/,
      'Fork bomb detected' ],

    # Download piped into sh or bash; wget and curl share one reason string.
    [ qr/\bwget\b.*\|\s*(ba)?sh/i,
      'Piping remote script to shell' ],
    [ qr/\bcurl\b.*\|\s*(ba)?sh/i,
      'Piping remote script to shell' ],
);

# Return the first @DANGEROUS_PATTERNS entry whose regex matches $command,
# or undef when none does. Entries are tried in list order, so a command
# that matches several patterns reports only the earliest one.
sub check_dangerous {
    my ($command) = @_;

    foreach my $rule (@DANGEROUS_PATTERNS) {
        next unless $command =~ $rule->{pattern};
        return $rule;
    }

    # Deliberately an explicit undef rather than a bare return: the tests
    # call this sub in list context inside ok(...), where an empty list
    # would shift the test name into the position of the tested value.
    return undef;
}

# rm is flagged only when it carries a recursive or force flag.
subtest 'Dangerous rm commands' => sub {
    # Each pair is [ command, test name ]; all of these must be flagged.
    my @flagged_cases = (
        [ 'rm -rf /',             'rm -rf detected' ],
        [ 'rm -r /tmp',           'rm -r detected' ],
        [ 'rm -f file.txt',       'rm -f detected' ],
        [ 'rm --recursive /home', 'rm --recursive detected' ],
        [ 'rm --force file',      'rm --force detected' ],
    );

    for my $case (@flagged_cases) {
        my ($command, $label) = @{$case};
        ok(check_dangerous($command), $label);
    }

    # Negative control: a plain rm with no flags must pass through.
    ok(!check_dangerous('rm file.txt'), 'rm without flags is safe');
};

subtest 'Sudo commands' => sub {
    # sudo appearing as a whole word must be flagged.
    for my $case (
        [ 'sudo ls',              'sudo detected' ],
        [ 'sudo apt-get install', 'sudo install detected' ],
    ) {
        my ($command, $label) = @{$case};
        ok(check_dangerous($command), $label);
    }

    # Negative control: a longer word that merely begins with "sudo" must
    # not trip the word-boundary pattern.
    ok(!check_dangerous('sudoku'), 'sudoku is not sudo');
};


