Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RepoSpec path can exit repo directory #4850

Closed
annasong20 opened this issue Nov 2, 2022 · 5 comments
Closed

RepoSpec path can exit repo directory #4850

annasong20 opened this issue Nov 2, 2022 · 5 comments
Assignees
@annasong20
Labels
kind/bug Categorizes issue or PR as related to a bug. triage/accepted Indicates an issue or PR is ready to be actively worked on.

Comments

@annasong20
Copy link
Contributor

annasong20 commented Nov 2, 2022
edited
Loading

Describe the bug
RepoSpec doesn't currently audit its Path, or the path to the root within the repo. This, in combination with fileLoader not checking the root, can lead to remote roots that traverse the user's local file system.

Specifically, urls of the form https://github.com/org/repo//../../../.., where the Path is "../../../..", can be used to escape the repo to access the user's local directories.

Files that can reproduce the issue
Test here: 6e60afe#diff-5bce8892c5c28e9ea5ca5ee37a1f2a74e63b9499656c9616df78d8b7ea23e5f1R505

Expected output
As in test, an error should be thrown stating that the loader cannot traverse outside of the repo directory.

Actual output
The Run() method currently executes without error. The loader exits the repo directory and loads the local root.

Kustomize version
Commit on master branch: 997e6fc

Additional context
#4797, #4848

After discussion, @KnVerey, @natasha41575 agreed that this issue has contained severity because local roots accessed need to contain a kustomization.yaml file.
@annasong20 annasong20 added the kind/bug Categorizes issue or PR as related to a bug. label Nov 2, 2022
@k8s-ci-robot k8s-ci-robot added the needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. label Nov 2, 2022
@annasong20
Copy link
Contributor Author

/kind triage/accepted

@k8s-ci-robot
Copy link
Contributor

@annasong20: The label(s) kind/triage/accepted cannot be applied, because the repository doesn't have them.

In response to this:

/kind triage/accepted

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@annasong20
Copy link
Contributor Author

/triage accepted

@k8s-ci-robot k8s-ci-robot added triage/accepted Indicates an issue or PR is ready to be actively worked on. and removed needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Nov 23, 2022
@annasong20
Copy link
Contributor Author

/assign

@annasong20 annasong20 mentioned this issue Nov 23, 2022
Merged
@annasong20
Copy link
Contributor Author

annasong20 commented Nov 30, 2022
edited
Loading

Should be fixed by #4885

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@annasong20 annasong20

Labels
kind/bug Categorizes issue or PR as related to a bug. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@k8s-ci-robot @annasong20