fix: apply security patches for configuration file and local executor #97
|
|
@ -13,6 +13,7 @@ import (
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"regexp"
|
"regexp"
|
||||||
"strings"
|
"strings"
|
||||||
|
"syscall"
|
||||||
|
|
||||||
"github.com/go-git/go-git/v5"
|
"github.com/go-git/go-git/v5"
|
||||||
"github.com/koding/multiconfig"
|
"github.com/koding/multiconfig"
|
||||||
|
|
@ -183,6 +184,19 @@ func GetConfPath(confRoot, confName, fallbackConfName, msg, tag string) (
|
||||||
return confPath, confStat, conventionalCommit, err
|
return confPath, confStat, conventionalCommit, err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
// Check file ownership
|
||||||
|
if stat, ok := confStat.Sys().(*syscall.Stat_t); ok {
|
||||||
|
uid := int(stat.Uid)
|
||||||
|
currentUid := os.Getuid()
|
||||||
|
if uid != 0 && uid != currentUid {
|
||||||
|
|
|||||||
|
err = fmt.Errorf("insecure configuration file: owned by uid %d, expected 0 or %d", uid, currentUid)
|
||||||
|
slog.Error("insecure conf file", "path", confPath, "uid", uid, "expected_uid", currentUid)
|
||||||
|
return confPath, confStat, conventionalCommit, err
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
slog.Warn("could not determine file ownership, proceeding with caution", "path", confPath)
|
||||||
|
张泊明518370910136
commented
What if we just terminate it here?
manuel
commented
maybe end + write logs to raise an alert on grafana?
|
|||||||
|
}
|
||||||
|
|
||||||
return confPath, confStat, conventionalCommit, err
|
return confPath, confStat, conventionalCommit, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
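Review bot: The new ownership check never looks at the permission bits, so a file owned by root or the current uid but writable by group or others still passes although any local account could rewrite it before it is read; next to the uid test, add `if perm := confStat.Mode().Perm(); perm&0o022 != 0 {` / `return confPath, confStat, conventionalCommit, fmt.Errorf("insecure configuration file: mode %o is group/other writable", perm)` / `}`. The type assertion on `*syscall.Stat_t` is also a compile-time error on Windows (the type exists only on Unix targets), so the `else` branch cannot act as the runtime fallback its warning suggests — if non-Unix builds matter, the check belongs in a file with a unix build constraint. `currentUid` would be `currentUID` under Go's initialism convention. GetConfPath begins before the hunk; only its tail is visible here.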
@ -3,12 +3,18 @@
|
||||||
// used for passing run time parameters.
|
// used for passing run time parameters.
|
||||||
package local
|
package local
|
||||||
|
|
||||||
import "github.com/joint-online-judge/JOJ3/internal/stage"
|
import (
|
||||||
|
"os"
|
||||||
|
|
||||||
|
"github.com/joint-online-judge/JOJ3/internal/stage"
|
||||||
|
)
|
||||||
|
|
||||||
var name = "local"
|
var name = "local"
|
||||||
|
|
||||||
type Local struct{}
|
type Local struct{}
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
stage.RegisterExecutor(name, &Local{})
|
if os.Getenv("JOJ3_ENABLE_LOCAL_EXECUTOR") == "true" {
|
||||||
|
张泊明518370910136
commented
Where is it used?
蔡雨翔524370910013
commented
Just thinking that the Local executor is unsafe if conf.go is bypassed, so you can add an env for the students' executor so that it doesn't run the local executor, while other usages can still be fulfilled.
张泊明518370910136
commented
What does it mean by students' executor?
蔡雨翔524370910013
commented
> What does it mean by students' executor?
I found that I'm wrong. Many stages seem to use the local executor.
蔡雨翔524370910013
commented
This part is not needed.
|
|||||||
|
stage.RegisterExecutor(name, &Local{})
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
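Review bot: The gate in `init` compares the variable to the literal string `"true"`, so values such as `1`, `TRUE` or `yes` silently leave the executor unregistered and a stage that later refers to `local` will presumably fail with a less obvious error far from the cause; `strconv.ParseBool(os.Getenv("JOJ3_ENABLE_LOCAL_EXECUTOR"))` accepts the usual spellings, and a log line in the disabled path would make the missing registration traceable. Because the value is read once at package init, it must be present in the process environment, not in configuration loaded afterwards. The variable is not explained anywhere in the file; a comment above the `if` such as `// Registration is opt-in: the local executor is only available when JOJ3_ENABLE_LOCAL_EXECUTOR=true is set in the environment.` would document the contract for operators.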
Will the conf file be owned by root?
i was wondering the same: we have student and tt. i think no other user (including root) is involved. Then uid != 0 is not needed.