train icon indicating copy to clipboard operation
train copied to clipboard
verified publisher icon inspec

CHEF-19255 Fix named pipes to be more secure

Open sa-progress opened this issue 6 months ago • 0 comments

Description

This PR implements security best practices for Windows named pipe usage in the local transport.

  • Randomizes pipe names
  • Sets strict ACLs on named pipes
  • Verifies pipe ownership before connecting
  • Ensures fully qualified paths are used for PowerShell execution

Related Issue

Types of changes

  • [x] Bug fix (non-breaking change which fixes an issue)
  • [ ] New content (non-breaking change)
  • [ ] Breaking change (a content change which would break existing functionality or processes)

Checklist

  • [x] I have read the CONTRIBUTING document.

sa-progress avatar Jun 17 '25 12:06 sa-progress