Welcome to the Linux Foundation Forum!

Lab 5.2 OS Command injection Quiz answer options

dtowerss
dtowerss Posts: 5
in SKF100 Class Forum

Hi guys,

In the Quiz for section 5.2, I think the current "correct" answer is not the correct answer for the question.

The question is:
Which coding practice can lead to OS command injection vulnerability?

and the current correct answer is:
Proper input validation and sanitation.

I think the question needs to be update to something like:
Which coding practice can help to prevent OS command injection vulnerability?

to match the current question, or make:

"Use of functions that directly execute commands without proper validation or escape mechanisms" the correct answer.

Comments

  • lrosso
    lrosso Posts: 1

    Came here to point the same mistake.
    Correct answer should be "Use of functions..."

  • saschpe
    saschpe Posts: 1

    I agree, the current "correct" answer is wrong:

  • fcioanca
    fcioanca Posts: 2,183

    Hi @saschpe

    Thank you for flagging this. It has been updated.

    Regards,
    Flavia
    Linux Foundation Education

Categories

Upcoming Training