Skip to content

Commit

Permalink
Use Username over UIDs since it's supported on Windows
Browse files Browse the repository at this point in the history
  • Loading branch information
@RebeccaMahany
RebeccaMahany committed Dec 19, 2024
1 parent a7ce8f0 commit f24b66c
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions pkg/osquery/runtime/osqueryinstance.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -761,15 +761,15 @@ func (i *OsqueryInstance) detectStaleDatabaseLock(ctx context.Context, paths *os

func processStr(ctx context.Context, p *process.Process) string {
name := "unknown"
uids := "unknown"
username := "unknown"

Check failure

Code scanning / CodeQL

Hard-coded credentials Critical

Hard-coded
id
Loading
.
runningStatus := "unknown"
cmdline := "unknown"

if gotName, err := p.NameWithContext(ctx); err == nil {
name = gotName
}
if gotUids, err := p.UidsWithContext(ctx); err == nil {
uids = fmt.Sprintf("%v", gotUids)
if gotUsername, err := p.UsernameWithContext(ctx); err == nil {
username = gotUsername
}
if gotIsRunning, err := p.IsRunningWithContext(ctx); err == nil {
if gotIsRunning {
Expand All @@ -782,7 +782,7 @@ func processStr(ctx context.Context, p *process.Process) string {
cmdline = gotCmdline
}

return fmt.Sprintf("process with name `%s` and PID %d belonging to UIDs %s has current status `%s` (%s)", name, p.Pid, uids, runningStatus, cmdline)
return fmt.Sprintf("process with name `%s` and PID %d belonging to user `%s` has current status `%s` (%s)", name, p.Pid, username, runningStatus, cmdline)
}

// createOsquerydCommand uses osqueryOptions to return an *exec.Cmd
Expand Down

0 comments on commit f24b66c

Please sign in to comment.