Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[security issue]policy bypass #50

Closed
sohu0106 opened this issue Jul 16, 2018 · 0 comments
Closed

[security issue]policy bypass #50

sohu0106 opened this issue Jul 16, 2018 · 0 comments

Comments

@sohu0106
Copy link

Regular expressions used by Authz are relatively simple and may be bypassed
For example, we allow only the docker start in the policy, and docker pause is not allowed.
Normal access to https://127.0.0.1:2376/v1.23/containers/aa/pause will be rejected
But we can be accessed the url
Https://127.0.0.1:2376/v1.23/containers/aa/pause?aaa=\/start
to bypass Authz’s policy restrictions
The above regular expression can bypass the Authz limit and run docker pause success

liron-l pushed a commit that referenced this issue Jul 16, 2018
Fix #50 - Parsing can be bypass with query parameters.
Ensure URI is sanitize to path component before checking against regex.
liron-l pushed a commit that referenced this issue Jul 16, 2018
Fix #50 - Parsing can be bypass with query parameters.
Ensure URI is sanitize to path component before checking against regex.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant