view release on metacpan or  search on metacpan

t/03-dangerous-patterns.t  view on Meta::CPAN

    return undef;
}

# Test dangerous commands
subtest 'Dangerous rm commands' => sub {
    ok(check_dangerous('rm -rf /'), 'rm -rf detected');
    ok(check_dangerous('rm -r /tmp'), 'rm -r detected');
    ok(check_dangerous('rm -f file.txt'), 'rm -f detected');
    ok(check_dangerous('rm --recursive /home'), 'rm --recursive detected');
    ok(check_dangerous('rm --force file'), 'rm --force detected');
    ok(!check_dangerous('rm file.txt'), 'rm without flags is safe');
};

subtest 'Sudo commands' => sub {
    ok(check_dangerous('sudo ls'), 'sudo detected');
    ok(check_dangerous('sudo apt-get install'), 'sudo install detected');
    ok(!check_dangerous('sudoku'), 'sudoku is not sudo');
};

subtest 'Filesystem commands' => sub {
    ok(check_dangerous('mkfs.ext4 /dev/sda1'), 'mkfs detected');
    ok(check_dangerous('dd if=/dev/zero of=/dev/sda'), 'dd device write detected');
    ok(check_dangerous('dd if=file.txt of=copy.txt'), 'dd with of= is flagged (can overwrite)');
    ok(!check_dangerous('dd if=file.txt'), 'dd without of= is safer');
};

subtest 'Device writes' => sub {
    ok(check_dangerous('echo "test" > /dev/sda'), 'Device write detected');
    ok(check_dangerous('cat foo > /dev/null'), 'Write to /dev/null detected');
};

subtest 'Permission changes' => sub {
    ok(check_dangerous('chmod 777 /etc'), 'chmod 777 detected');