writeHookScript writes a POSIX shell script to a temp file and returns its path, marking it executable.
(t *testing.T, body string)
| 10 | // writeHookScript writes a POSIX shell script to a temp file and returns its |
| 11 | // path, marking it executable. |
| 12 | func writeHookScript(t *testing.T, body string) string { |
| 13 | t.Helper() |
| 14 | path := filepath.Join(t.TempDir(), "hook.sh") |
| 15 | if err := os.WriteFile(path, []byte("#!/bin/sh\n"+body), 0o700); err != nil { |
| 16 | t.Fatalf("failed to write hook script: %v", err) |
| 17 | } |
| 18 | return path |
| 19 | } |
| 20 | |
| 21 | // TestRunCommandNoCredentialInjection ensures that attacker-controlled |
| 22 | // credentials submitted at the unauthenticated login endpoint cannot be |
no outgoing calls
no test coverage detected