安全 Rails 怎么 hook 底层函数

eaonll · October 28, 2017 · Last by eaonll replied at October 28, 2017 · 6635 hits

需求

1 likes

hooooopo #1 October 28, 2017

如何定义底层？segmentfault?

jasl #2 October 28, 2017

应用层看看 raven-sentry 就好了，解释器层段错误，那你得靠 Ruby 之外的东西监控了

eaonll #3 October 28, 2017

Reply to

其实有个想法，因为命令执行漏洞，最后是执行命令的通过 hook 底层函数，这样子监控起来感觉会比较好。我查查 raven-sentry

4 Floor has deleted

hooooopo #5 October 28, 2017

很简单啦，把常用注入的方法 alias 了，可以参考 newrelic apm 源码

jasl #6 October 28, 2017

rails 本身也埋了很多点搜 instruments 可以被利用来做监控具体看看 newrelic-amp sentry-raven 的实现就好

You need to Sign in before reply, if you don't have an account, please Sign up first.