CWE-114 Process Control
What this means
SiteShadow flagged external input influencing process control: what gets executed/loaded, how it's executed, or what libraries/modules are loaded. This includes dynamic library loading paths, executable names, and environment variables that affect loaders.
Why it matters
Attackers can load malicious libraries or alter execution flow.
- Code execution: running attacker-chosen binaries or loading attacker-controlled libraries.
- Privilege escalation: if a privileged service loads from untrusted paths.
- Persistence: malicious loaders/plugins can survive restarts if the path is controlled.
Safer examples
1) Don't let users choose executables or library paths
Use allowlisted commands and fixed paths; never accept "binary path" from a request.
2) Use safe subprocess APIs (no shell strings)
import subprocess
subprocess.run(["git", "status"], check=True) # allowlistedimport { spawn } from "node:child_process";
spawn("git", ["status"], { stdio: "inherit" });3) Lock down environment and loader behavior
Avoid passing untrusted env vars like LD_LIBRARY_PATH / PYTHONPATH into privileged processes; run with least privilege.
How SiteShadow detects it (high level)
- Detects process execution and dynamic loading APIs and checks whether command/path/env inputs are externally controlled.
- Flags risky patterns like shell execution, user-controlled search paths, and dynamic library loading from writable locations.
References
- CWE-114: https://cwe.mitre.org/data/definitions/114.html
---