I am filling out the Python Package Vulnerability ...
# general
k
I am filling out the Python Package Vulnerability detection on my CVE Detection and wanted to know, is there a way for OSQ to figure out which version of Python is the default? I.e. like the `which python3` command or `python3 --version`.
s
That's a bit tricky, because it's the shell that decides which binary to run, which also depends on which files it decides to use to construct its environment/env variable values.
The `PATH` env var is normally what gets used, but it can be modified in several different shell-specific files.
k
Well, that is going to be annoying, chuck that up to future Kyle's problem. I guess I can check that myself since I have to run swift, bash, or python adjacent to this.
s
Like I think the question is, what's the definition of "default". Linux has files like `/etc/profile`, `~/.profile`, `/etc/environment`, `/etc/profile.d/[...]` which should be read by all shells, but then each shell could also read `~/.bash_profile`, `~/.zprofile`, and so on. And note that the shell-specific files, which are also user-specific, can be placed in other paths if you modify some configs in the shells themselves.
In a sense the truth, for each shell process, at any given point in time can be retrieved via `process_envs`.
k
Yeah, I can see that in the path key, but at least on a Mac it just gives the major version and not a sub version to say hit something like this.
```json
{
  "vulnerable": true,
  "criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
  "versionStartIncluding": "3.7.0",
  "versionEndExcluding": "3.7.7",
  "matchCriteriaId": "828A83C6-F100-486D-963B-363062C5FAA8"
},
```