Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Really enforce Config.new(data, nil) prevents external file lookups #372

Merged
merged 3 commits into from
Dec 2, 2018
Merged

Really enforce Config.new(data, nil) prevents external file lookups #372

merged 3 commits into from
Dec 2, 2018

Conversation

cben
Copy link
Collaborator

@cben cben commented Dec 2, 2018

I promised this in README since version 3.1.1 (#334).
Alas that was a lie — absolute path lookups have always worked 😳
(Test passed because 2 of the 3 paths were still relative, so File.join raised an error.)

@yaacov @grosser please review

cben added 3 commits December 2, 2018 15:15
@cben
Test Config.read(aString) instead of Config.read(aFile)
cd3fdc0 
Config.read() is documented to take a file path string.
Tests passed a File instance instead.
File happened to work too but I'm not goint to guarantee that.  All uses
of Config.read() on GitHub pass a string.
@cben
Really enforce Config.new(data, nil) prevents external file lookups
709baa8 
Promised in README since 040d6ea (ManageIQ#334).
Didn't work - absolute path lookups were allowed!
Test passed because some of the paths were still relative.
@cben
Config: add comments, clarify significance of nil kcfg_path
10f7bdb
@cben cben added the bug label Dec 2, 2018
@cben
Copy link
Collaborator Author

cben commented Dec 2, 2018

@yaacov added comments PTAL

@yaacov
Copy link
Member

yaacov commented Dec 2, 2018

LGTM

@cben cben merged commit 4ad560b into ManageIQ:master Dec 2, 2018
@cben cben mentioned this pull request Dec 2, 2018
Merged
@cben cben mentioned this pull request Dec 9, 2018
Merged
cben added a commit to cben/kubeclient that referenced this pull request Dec 9, 2018
@cben
Credential plugins: lookup command relative to config's dir, nil = op…
a42b3d3 
…t out

Matches Go client's behavior:
kubernetes/kubernetes#59495 (comment)
Distinguish 3 cases:
- absolute (e.g. /path/to/foo)
- $PATH-based (e.g. curl)
- relative to config file's dir (e.g. ./foo)

If base dir explicitly set to nil, refuse to execute external commands,
matching existing opt-out from file lookups (ManageIQ#372).

Document security aspects of credential plugins.
@cben cben mentioned this pull request Dec 9, 2018
Merged
@cben cben mentioned this pull request Dec 20, 2018
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@cben @yaacov