Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ACL: disallow missing path in secure variable policy #14123

Merged
merged 1 commit into from
Aug 15, 2022
Merged

ACL: disallow missing path in secure variable policy #14123

merged 1 commit into from
Aug 15, 2022

Conversation

tgross
Copy link
Member

@tgross tgross commented Aug 15, 2022

Fixes #14038

The HCL parser allows for labels that aren't needed, which makes it easy to
accidentally write a secure_variable block that has the intended path as the
label for that block instead of the innner path block. This can result in
silent failure to lock down variables if an incorrectly specified block was used
to reduce the scope of capabilities (for example, if another correctly-written
rule allows access to *).

We can't detect the extraneous label in the HCL API, but we can detect if we're
missing path blocks entirely. Use this to block obvious user errors.

@tgross
ACL: disallow missing path in secure variable policy
ef6e2c9 
The HCL parser allows for labels that aren't needed, which makes it easy to
accidentally write a `secure_variable` block that has the intended path as the
label for that block instead of the innner `path` block. This can result in
silent failure to lock down variables if an incorrectly specified block was used
to reduce the scope of capabilities (for example, if another correctly-written
rule allows access to `*`).

We can't detect the extraneous label in the HCL API, but we can detect if we're
missing `path` blocks entirely. Use this to block obvious user errors.
@tgross tgross added theme/variables Variables feature theme/auth labels Aug 15, 2022
@tgross tgross added this to the 1.4.0 milestone Aug 15, 2022
DerekStrickland
DerekStrickland approved these changes Aug 15, 2022
View reviewed changes
Copy link
Contributor

@DerekStrickland DerekStrickland left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@tgross tgross merged commit b9d1952 into main Aug 15, 2022
@tgross tgross deleted the sv-acl-invalid-parsing branch August 15, 2022 21:06
@tgross tgross mentioned this pull request Aug 16, 2022
Closed
@github-actions
Copy link

I'm going to lock this pull request because it has been closed for 120 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Dec 14, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@DerekStrickland DerekStrickland DerekStrickland approved these changes

@angrycub angrycub Awaiting requested review from angrycub

Assignees
No one assigned
Labels
theme/auth theme/variables Variables feature
Projects
None yet
Milestone
1.4.0
Development

Successfully merging this pull request may close these issues.

secure vars ACL policy parsing allows invalid policies
2 participants
@tgross @DerekStrickland