Mitigate Security vulnerability in the git hook feature #13058
Conversation
Git hooks are a dangerous feature; administrators should be warned before giving the git hook privilege to users.
Git hooks are a dangerous feature (see warning text) that should only be enabled if the administrator was informed about the risk involved.
Thanks for merging this quickly! I suggest adding a warning for the next release. Disabling the git hook feature by default will affect the settings on existing gitea instances; admins of existing gitea instances should be informed about the issue to be able to change the setting on their instance if needed.
@Niklas974 All breaking changes will be displayed in the release notes.
* Disable Git Hooks by default
  Related #13058
* pass tests
The change in the default config in this PR (DISABLE_GIT_HOOKS = true) should only affect new installations of gitea. Thus in existing installations, git hooks will stay as they were (mostly enabled, I guess). These existing installations are still endangered; thus I think the admins should be warned in the release notes. Or am I missing something here?
Depends on what you have in your app.ini. If you have no
Git hooks are a dangerous feature that allows users with the relevant privilege to perform remote code execution on the host system and elevate their privileges to gitea administrator. Details are provided in the vulnerability report.
This pull request thus:
The problem was first reported to the gitea security team in April who released a patch. In our opinion this patch only partly mitigates the vulnerability, though. For details see the report linked above.
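The discussion above turns on what an existing instance's app.ini actually says: an explicit `DISABLE_GIT_HOOKS = false` keeps hooks on, an explicit `true` turns them off, and an absent key falls back to whatever default the installed Gitea binary compiles in (which is what this PR changes for new installations). As an added example (not Gitea's own code and not part of this pull request), here is a small POSIX shell audit that reads an app.ini and reports that setting. It looks only in the `[security]` section, where Gitea's documentation places the key, and reports an absent key as `unset` rather than guessing the version-dependent default. The sample configuration files are constructed inline for the demo and are not real instance files.

```shell
#!/bin/sh
# Added example (not Gitea's own code): audit an app.ini for the
# DISABLE_GIT_HOOKS key under [security]. Prints "true", "false" or "unset".
git_hooks_setting() {
  awk '
    # Section header: remember whether we are now inside [security]
    /^[ \t]*\[/ { in_sec = ($0 ~ /^[ \t]*\[security\][ \t]*$/); next }
    # The key we care about, only when inside [security]
    in_sec && /^[ \t]*DISABLE_GIT_HOOKS[ \t]*=/ {
      val = $0
      sub(/^[^=]*=[ \t]*/, "", val)       # drop "DISABLE_GIT_HOOKS ="
      sub(/[ \t]*([;#].*)?$/, "", val)    # drop trailing comment and whitespace
      print tolower(val); found = 1; exit
    }
    END { if (!found) print "unset" }
  ' "$1"
}

# Print a verdict for one file; return 0 only when hooks are explicitly disabled.
audit_git_hooks() {
  setting=$(git_hooks_setting "$1")
  case "$setting" in
    true)  echo "OK:   $1: DISABLE_GIT_HOOKS = true (git hooks disabled)"; return 0 ;;
    false) echo "WARN: $1: DISABLE_GIT_HOOKS = false (git hooks enabled; review who holds the hook privilege)"; return 1 ;;
    unset) echo "WARN: $1: DISABLE_GIT_HOOKS not set; the compiled-in default of your Gitea version applies"; return 1 ;;
    *)     echo "WARN: $1: unrecognised value '$setting'"; return 1 ;;
  esac
}

# Write a constructed sample app.ini to $1. $2 is the value to set for
# DISABLE_GIT_HOOKS inside [security]; pass "" to omit the key entirely.
# The file also carries a commented-out copy and a copy in the wrong section,
# both of which the audit must ignore.
make_sample_ini() {
  {
    echo "[server]"
    echo "DOMAIN = git.example.invalid"
    echo "[security]"
    echo "INSTALL_LOCK = true"
    echo "; DISABLE_GIT_HOOKS = true   <- commented out, must be ignored"
    if [ -n "$2" ]; then
      echo "DISABLE_GIT_HOOKS = $2"
    fi
    echo "[service]"
    echo "DISABLE_GIT_HOOKS = true     <- wrong section, must be ignored"
  } > "$1"
}

# Demo run on constructed samples.
demo_dir=$(mktemp -d)
make_sample_ini "$demo_dir/hooks_on.ini" false
make_sample_ini "$demo_dir/hooks_off.ini" "true ; locked down"
make_sample_ini "$demo_dir/hooks_unset.ini" ""
for f in "$demo_dir"/*.ini; do
  audit_git_hooks "$f" || true
done
rm -rf "$demo_dir"
```

To check a live instance, call `audit_git_hooks /path/to/custom/conf/app.ini`; the non-zero return for `false` and `unset` makes it easy to fold into a fleet-wide check, and the `unset` branch deliberately does not claim what the default is, because that is exactly the value that differs between Gitea versions after this change.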