Cosmin Cojocar
Cosmin Cojocar
I think there are some cgo issues, because some symbols cannot be found: ``` Golang errors in file: []: > [line 0 : column 0] - # command-line-arguments _example/vtable/vtable.go:22:78: undefined:...
I think this expansion is in the Go AST package which tries to resolve the cgo symbols. I would leave the bug open to try to investigate if we can...
Closing this since there isn't much we can do on the gosec side.
Thanks for this proposal, it can be a useful feature. I tend towards option 1. I would probably add an option such as `filter` which can accept a YAML/JSON configuration...
@expp121 please could you have a look at this? Thanks
Some crytpo algorithms store the nonce with the cipher-text. Maybe we should split the encryption from decryption part first to reduce the noise, and run the check only on the...
@expp121 Did you have a chance to look at this an try to improve it?
I removed all the decryption functions/methods from the check. It only makes sense to flag an issue when the rule finds an hardcoded value in the code. I think if...
The spo currently unshare the fs namespace of the pid 1 from the container in order to reach the filesystem of the host, because it needs to convert the text...
You can try to run `aa_parser` to get more information about the error with the spo apparmor profile stored on the host VM: ``` sudo apparmor_parser -r /etc/apparmor.d/ ```