Add ability to block commands

2025-12-25 19:03:01 -08:00
parent 6159bdd38a
commit 47de3e431c
9 changed files with 909 additions and 0 deletions
--- a/docs/configuration.md
+++ b/docs/configuration.md
@@ -14,6 +14,9 @@ Example config:
    "denyRead": ["/etc/passwd"],
    "allowWrite": [".", "/tmp"],
    "denyWrite": [".git/hooks"]
+  },
+  "command": {
+    "deny": ["git push", "npm publish"]
  }
 }
 ```
@@ -40,6 +43,48 @@ Example config:
 | `denyWrite` | Paths to deny writing (takes precedence) |
 | `allowGitConfig` | Allow writes to `.git/config` files |

+## Command Configuration
+
+Block specific commands from being executed, even within command chains.
+
+| Field | Description |
+|-------|-------------|
+| `deny` | List of command prefixes to block (e.g., `["git push", "rm -rf"]`) |
+| `allow` | List of command prefixes to allow, overriding `deny` |
+| `useDefaults` | Enable default deny list of dangerous system commands (default: `true`) |
+
+Example:
+
+```json
+{
+  "command": {
+    "deny": ["git push", "npm publish"],
+    "allow": ["git push origin docs"]
+  }
+}
+```
+
+### Default Denied Commands
+
+When `useDefaults` is `true` (the default), fence blocks these dangerous commands:
+
+- System control: `shutdown`, `reboot`, `halt`, `poweroff`, `init 0/6`
+- Kernel manipulation: `insmod`, `rmmod`, `modprobe`, `kexec`
+- Disk operations: `mkfs*`, `fdisk`, `parted`, `dd if=`
+- Container escape: `docker run -v /:/`, `docker run --privileged`
+- Namespace escape: `chroot`, `unshare`, `nsenter`
+
+To disable defaults: `"useDefaults": false`
+
+### Command Detection
+
+Fence detects blocked commands in:
+
+- Direct commands: `git push origin main`
+- Command chains: `ls && git push` or `ls; git push`
+- Pipelines: `echo test | git push`
+- Shell invocations: `bash -c "git push"` or `sh -lc "ls && git push"`
+
 ## Other Options

 | Field | Description |