New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Auth bypass when using an optimised build #102

Open
passcod opened this Issue Jan 10, 2018 · 1 comment

Comments

Projects
None yet
2 participants
@passcod
Copy link

passcod commented Jan 10, 2018

Similar to this: https://twitter.com/AlecMuffett/status/950699975767482370

Oh, this is glorious: pysaml2 library uses an assert statement to check & reject users who use the wrong password; however when running with the optimiser enabled, all assert statements are stripped… so: anyone can log into anything with any password.

In here: https://github.com/ceph/shaman/blob/master/shaman/auth.py#L12-L13

username, password = decoded.split(':')
assert username == conf.api_user
assert password == conf.api_key
@passcod

This comment has been minimized.

@alfredodeza alfredodeza self-assigned this Jan 11, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment