Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Option to disable local server path import #715

Closed
rugk opened this issue Jan 22, 2017 · 4 comments
Closed

Option to disable local server path import #715

rugk opened this issue Jan 22, 2017 · 4 comments
Labels
type/enhancement An improvement of existing functionality
Milestone
1.1.0

Comments

@rugk
Copy link
Contributor

rugk commented Jan 22, 2017
edited by tboerger
Loading

In the migration settings it is stated that also local server paths can be migrated! It explicitly states local server paths.

So, but, ... why should I want it!?
When you provide a public Gitea instance this might mean that anyone could import any locally stored git repo or so.

Generally it is a bad idea to allow any (potentially malicious) user to access any local server files, which they can request. Fortunately /etc is usually not git repo, otherwise they could have accessed /etc/passwd too.

So at least make that thing configurable, but I also recommend you to deactivate it by default. Who needs such a strange feature anyway?

upstream issue: gogs/gogs#4033
@lunny lunny added this to the 1.1.0 milestone Jan 22, 2017
@lunny lunny added the topic/security Something leaks user information or is otherwise vulnerable. Should be fixed! label Jan 22, 2017
@Bwko Bwko mentioned this issue Jan 22, 2017
Merged
@tboerger
Copy link
Member

The local import is anyway only allowed for admins or users that got this specific permission.

@tboerger tboerger added type/enhancement An improvement of existing functionality and removed topic/security Something leaks user information or is otherwise vulnerable. Should be fixed! labels Jan 23, 2017
@tboerger tboerger changed the title [critical] Option to disable local server path import Option to disable local server path import Jan 23, 2017
@lunny lunny closed this as completed Jan 23, 2017
@dchest
Copy link

dchest commented Jan 23, 2017
edited
Loading

Please reconsider: admin of Gitea instance (or another user having permission to do local import) is not equivalent to admin of the server on which it runs.

It also opens an attack vector — by gaining access to Gitea admin account it may be possible to get access to other resources on the server (e.g. /etc directory in etckeeper is mentioned in the gogs issue thread if's accessible to user running Gitea instance).

This should be properly handled as a security issue, with published notification about it, etc.

@tboerger
Copy link
Member

But it's still an working as expected feature. But a pr to add an option to disable it have been merged to master.

@rugk rugk mentioned this issue Feb 10, 2017
Closed
@rugk
Copy link
Contributor Author

rugk commented Feb 10, 2017

see #898

@go-gitea go-gitea locked and limited conversation to collaborators Nov 23, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
type/enhancement An improvement of existing functionality
Projects
None yet
Milestone
1.1.0
Development

No branches or pull requests
4 participants
@dchest @lunny @tboerger @rugk