emba_in_embark - e-m-b-a/embark Wiki

APP

Emba is the main Application in Embark and is mounted and addressed via /app/emba which right now is just a symlink to ./emba

CVE

The cve db is installed on HOST directly via embas installer. It is used by emba via shared volume, namely external/cve_search. The lookup takes place via search.py.

EMBA

emba with its dependencies is installed on host in root-dir

AND

is run as docker-container started by embark.
! Yes the embark-container has acces to /var/run/docker which is inherently unsafe!

Firmware-location-Upload

embark uploads firmwares to uploadedFirmwareImages/* With a not unique ID

Emba-run

start-analysis -> views.start_analysis

amounts to:

cd /app/emba && ./emba.sh -f /app/embark/uploadedFirmwareImages/active_<nr> -l /emba_logs/<nr> <+flags>

Network

EMBA-container are not run in the same docker network and only uses port 27017 on the host for cve_search.