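---
# Benchmark case manifest for the guarded-system C sample.
# Reconstructed from a source that had been collapsed onto one line: the
# nesting of a few keys could not be recovered with certainty and is marked
# with NOTE(review) comments — confirm those against the consuming schema.
id: "c-guarded-system:001"
language: c
project: guarded-system
version: "1.0.0"
description: "Command execution guarded by ALLOW_CMD flag (default unreachable)."

entrypoints:
  - "main(argv)"

sinks:
  - id: "GuardedSystem::main"
    path: "src/main.c::main"
    kind: "command"
    location:
      file: "src/main.c"
      line: 26
    # The sink is runtime-gated; reachability analysis must track ALLOW_CMD,
    # not just the static call site.
    notes: "system() only runs when ALLOW_CMD=1."

environment:
  os_image: "gcc:13-bookworm"
  runtime:
    gcc: "13"
  # Pinned for reproducible builds; keep in sync with build.source_date_epoch.
  # NOTE(review): placement under `environment` rather than `runtime` is inferred — confirm.
  source_date_epoch: 1730000000
  resource_limits:
    cpu: "2"
    memory: "4Gi"

build:
  command: "./build/build.sh"
  source_date_epoch: 1730000000

# NOTE(review): `outputs` is placed at top level; it may belong under `build` — confirm.
outputs:
  artifact_path: "outputs/binary.tar.gz"
  sbom_path: "outputs/sbom.cdx.json"
  coverage_path: "outputs/coverage.json"
  traces_dir: "outputs/traces"
  attestation_path: "outputs/attestation.json"

test:
  command: "./tests/run-tests.sh"
  expected_coverage:
    - "outputs/coverage.json"
  expected_traces:
    - "outputs/traces/traces.json"

ground_truth:
  summary: "Without ALLOW_CMD, the system() sink remains unreachable; with ALLOW_CMD=1, it executes."
  # This relative path climbs out of the case directory (`../../../`); a loader
  # should resolve it against a fixed benchmark root and reject any resolved
  # path that lands outside that root.
  evidence_files:
    - "../../../benchmark/truth/c-guarded-system.json"

sandbox:
  network: loopback
  privileges: rootless

# NOTE(review): `redaction` is placed at top level; it may belong under `sandbox` — confirm.
redaction:
  pii: false
  policy: "benchmark-default/v1"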