You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description: executeInVM() in both shared/shieldx-common/pkg/sandbox/firecracker_runner.go and pkg/sandbox/firecracker_runner.go writes the payload to a temp shell script and runs /bin/sh on the host, never launching the MicroVM. Any caller can achieve arbitrary command execution on the host under sandbox credentials.
Location: FirecrackerRunner.executeInVM helper in the files noted above.
Recommendation: Ensure payloads execute inside the Firecracker guest (e.g. copy script into VM via API or use serial console). Refuse to run when VM startup fails, drop any direct host shell execution, and add integration tests that verify commands do not run if the VM layer is unavailable.
Done when: Payloads run exclusively inside the VM, host execution paths are removed, and regression tests cover VM isolation failures.
