v1.10.1 — authz hardening (traversal-safe ids, chunked-safe body cap)#14
Merged
… body cap

Security follow-up on the v1.10.0 authz surface (232 passing + 3 skipped):

- AuthIds.IsValid rejects ids starting with '.' or '-', or containing no alphanumeric — so ".", "..", dotfiles, and option-like names are refused even though their characters are in the allowed set. Closes a path-traversal / tenant-isolation-bypass risk (a ".."-shaped tenant could resolve outside the per-tenant runs root).
- StoreFor re-validates the tenant id and confirms the resolved directory stays under the runs root before constructing the store (defense-in-depth).
- The /api body cap no longer trusts only a declared Content-Length: it also sets the Kestrel max-request-body limit so a chunked/missing-length body is rejected while binding (an omitted/spoofed Content-Length no longer bypasses the 256 KB cap).

Tests: AuthIds accept/reject theories (incl. "." ".." ".hidden" "-rf" separators), a traversal tenant via proxy headers, and an oversized /api body -> 413.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Security follow-up on the v1.10.0 authz surface, addressing an automated review finding plus a current service-hardening gap. 232 passing + 3 env-gated skipped.
Fixed
- `AuthIds.IsValid` accepted `.` and `..` (all-dot ids passed the alphabet check). A `..`-shaped tenant id would resolve outside the per-tenant runs root (`{runsDir}/t/{tenant}`). Now rejects ids that start with `.`/`-` or contain no alphanumeric, so `.`, `..`, dotfiles, and option-like names are refused.
- `StoreFor` re-validates the tenant id and confirms the resolved directory stays under the runs root before constructing the store (defense-in-depth, mirrors `FileRunArtifactStore.RunDir`).
- `/api` size guard no longer relies only on a declared `Content-Length`; it also sets Kestrel's `MaxRequestBodySize` so a chunked or missing-length body is rejected while binding.

Tests

`AuthIds` accept/reject theories (incl. `.`, `..`, `.hidden`, `-rf`, path separators), a traversal tenant via proxy headers, and an oversized `/api` body → 413.

Note on the relayed code review

Findings re: `AllowedHosts=*`, raw-key floor bypass, draft-recipient postcondition-only, and supply-chain SHA-pinning were already resolved in v1.9.2 — verified on `master` (`appsettings.json:9` is loopback; `AuditSigner` `SignString(byte[])`/`RawKeyProvider`/`FixedKeyProvider` all call `RequireStrongKey`; `PolicyGate:178` gates the draft pre-creation; `ci.yml` is SHA-pinned with minimized permissions + SHA256SUMS + attestation). That review appears to have run against a pre-v1.9.2 checkout. KMS/HSM and encrypted/WORM storage remain documented future seams.

🤖 Generated with Claude Code
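
The two layers described in this PR, as an added C# sketch that is not the project's code: an id check that refuses `.`, `..`, dotfiles and option-like names, followed by a containment check on the resolved `{runsDir}/t/{tenant}` directory. `TenantPaths`, `IsValidId`, `ResolveTenantDir`, the exact alphabet and the 64-character limit are assumptions for illustration.

```csharp
using System;
using System.IO;
using System.Linq;

// Hypothetical helper; not the project's AuthIds / StoreFor implementation.
static class TenantPaths
{
    static bool IsAsciiAlnum(char c) =>
        (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9');

    // Assumed alphabet: ASCII letters, digits, '.', '_', '-'; assumed max length 64.
    public static bool IsValidId(string id)
    {
        if (string.IsNullOrEmpty(id) || id.Length > 64) return false;
        if (id[0] == '.' || id[0] == '-') return false;   // ".", "..", ".hidden", "-rf"
        if (!id.All(c => IsAsciiAlnum(c) || c == '.' || c == '_' || c == '-')) return false;
        return id.Any(IsAsciiAlnum);                      // refuse ids with no alphanumeric
    }

    // Re-validates the id, then confirms the resolved directory is under the runs root.
    // The check is lexical: Path.GetFullPath does not resolve symlinks.
    public static string ResolveTenantDir(string runsDir, string tenant)
    {
        if (!IsValidId(tenant))
            throw new ArgumentException("invalid tenant id", nameof(tenant));
        string root = Path.GetFullPath(Path.Combine(runsDir, "t"));
        string dir = Path.GetFullPath(Path.Combine(root, tenant));
        // Compare against root + separator so "t-evil" cannot pass as being under "t".
        string prefix = root.EndsWith(Path.DirectorySeparatorChar)
            ? root : root + Path.DirectorySeparatorChar;
        if (!dir.StartsWith(prefix, StringComparison.Ordinal))
            throw new InvalidOperationException("tenant directory escapes the runs root");
        return dir;
    }
}

static class Program
{
    static void Main()
    {
        // Constructed sample ids: the first three are well-formed, the rest must be refused.
        string[] ids = { "acme", "team_7", "a.b-c", ".", "..", ".hidden", "-rf", "a/b", "___" };
        foreach (string id in ids)
            Console.WriteLine($"{id,-8} valid={TenantPaths.IsValidId(id)}");

        Console.WriteLine(TenantPaths.ResolveTenantDir("runs", "acme"));
        try { TenantPaths.ResolveTenantDir("runs", ".."); }
        catch (ArgumentException e) { Console.WriteLine($"rejected: {e.Message}"); }
    }
}
```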