This repository has been archived by the owner on Jun 15, 2024. It is now read-only.
Artifacts endpoint potentially allows access to workspaces and other non-artifact files #7
Labels
Comments
flosell
added a commit
that referenced
this issue
Oct 11, 2016
…-resource can enforce that we can't break out of this directory (#7)
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Currently, the artifacts endpoint looks like this:
GET /artifacts/<build-number>/<step-id>/<path>This looks for a file in
<lambdacd-home-dir>/<build-number>/<step-id>/<path>and returning it to the user.We currently use
<lambdacd-home-dir>/<build-number>/<step-id>as the root on which to check if a path is safe to access so by cleverly building this path, it could be possible to access information in other directories.This is made worse by the fact that artifact-directories are directly in the lambdacd-home-dir (which also contains other stuff like workspaces and build-information).
Solution
Use a separate root folder for all artifacts, validate all paths against this root folder.
Side effects
Moving the artifacts folder breaks access to artifacts archieved before upgrading.
Workaround: Users that still need to access old artifacts, consider moving the artifacts-folders (all folders with the pattern
<build-id>/<step-id>, e.g.<lambdacd-home>/2/2-1) into the new root-folder.The text was updated successfully, but these errors were encountered: