Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

machine-exec endpoint is not secure #13970

Closed
3 of 9 tasks
sleshchenko opened this issue Jul 23, 2019 · 6 comments
Closed
3 of 9 tasks

machine-exec endpoint is not secure #13970

sleshchenko opened this issue Jul 23, 2019 · 6 comments
Assignees
@AndrienkoAleksandr
Labels
kind/bug Outline of a bug - must adhere to the bug report template. severity/blocker Causes system to crash and be non-recoverable or prevents Che developers from working on Che code.
Milestone
7.0.0

Comments

@sleshchenko
Copy link
Member

Describe the bug

machine-exec endpoint is not secure
https://github.com/eclipse/che-plugin-registry/blob/master/v3/plugins/eclipse/che-machine-exec-plugin/latest/meta.yaml#L17

It means that anyone is able to get access to containers terminal if he knows URL.

It's needed to make machine-exec endpoint secure as Theia
https://github.com/eclipse/che-plugin-registry/blob/master/v3/plugins/eclipse/che-theia/latest/meta.yaml#L21
and check if everything works as expected.

Che version

  • latest
  • nightly
  • other: please specify

Runtime

  • kubernetes (include output of kubectl version)
  • Openshift (include output of oc version)
  • minikube (include output of minikube version and kubectl version)
  • minishift (include output of minishift version and oc version)
  • docker-desktop + K8S (include output of docker version and kubectl version)
  • other: (please specify)
@sleshchenko sleshchenko added the kind/bug Outline of a bug - must adhere to the bug report template. label Jul 23, 2019
@sleshchenko
Copy link
Member Author

@l0rd @slemeur I think it should be included into Endgame plan

@skabashnyuk skabashnyuk added the severity/blocker Causes system to crash and be non-recoverable or prevents Che developers from working on Che code. label Jul 23, 2019
@skabashnyuk skabashnyuk added this to the 7.0.0 milestone Jul 23, 2019
@l0rd
Copy link
Contributor

l0rd commented Jul 23, 2019

@sleshchenko makes sense. Thanks for reporting this.

@l0rd
Copy link
Contributor

l0rd commented Jul 23, 2019

cc @nickboldt that should be today curator of the triage

@l0rd
Copy link
Contributor

l0rd commented Jul 23, 2019

@AndrienkoAleksandr @evidolob please add the label in-progress if you start working on this issue.

@nickboldt
Copy link
Contributor

"cc @nickboldt that should be today curator of the triage"
Sorry, I thought we were changing the dates/triageurs ?

My thought was that since I'm not a team lead for Che stuff, nor deep in the Che dev, that having to triage 3 days of new issues was possibly better suited to someone with more Ch'expertise. :D

@evidolob evidolob mentioned this issue Jul 24, 2019
Closed
18 tasks
@AndrienkoAleksandr AndrienkoAleksandr added the status/in-progress This issue has been taken by an engineer and is under active development. label Jul 24, 2019
This was referenced Jul 25, 2019
Merged
Merged
Merged
@AndrienkoAleksandr
Copy link
Contributor

Will be closed after merge #14061

@AndrienkoAleksandr AndrienkoAleksandr removed the status/in-progress This issue has been taken by an engineer and is under active development. label Aug 2, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@AndrienkoAleksandr AndrienkoAleksandr

Labels
kind/bug Outline of a bug - must adhere to the bug report template. severity/blocker Causes system to crash and be non-recoverable or prevents Che developers from working on Che code.
Projects
None yet
Milestone
7.0.0
Development

No branches or pull requests
5 participants
@nickboldt @l0rd @skabashnyuk @sleshchenko @AndrienkoAleksandr