This repository has been archived by the owner on Sep 23, 2020. It is now read-only.

pass through cp propagation needs a path whitelist #69

Open
buzztroll opened this issue Jul 22, 2011 · 1 comment

Comments

@buzztroll
Contributor

A side effect of adding copy propagation for cumulus urls is that it can also be used as a pass through propagation method. This is off by default, but when enabled it has bad security implications. The nimbus user will be copying the images, which means that any file in the cumulus archive could be copied for boot. We need to have a whitelist of directories and some documentation heavily warning users about the implications if they enable pass through cp propagation.

@buzztroll
Contributor Author

It should further be noted that a user can attempt to boot any file to which the nimbus user on the VMM has read access.
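
A sketch of the directory whitelist check this issue asks for, added here as an illustration; it is not part of the issue or of the Nimbus code base. The function names and the directory layout built in `demo()` are hypothetical. The check is made on the resolved path, so `..` segments and symlinks inside a whitelisted directory cannot reach files outside it.

```python
import os
import tempfile


def resolve_allowed_source(path, allowed_dirs):
    """Return the canonical path of `path` if it is a regular file inside one
    of `allowed_dirs`; raise PermissionError otherwise."""
    if not os.path.isabs(path):
        raise PermissionError("source must be an absolute path: %r" % path)
    # realpath collapses '..' and follows symlinks, so the check is made on
    # the file that would actually be read, not on the string supplied.
    real = os.path.realpath(path)
    for d in allowed_dirs:
        root = os.path.realpath(d)
        # commonpath compares whole components: /images-old is not in /images.
        if real != root and os.path.commonpath([real, root]) == root:
            if os.path.isfile(real):
                return real
            raise PermissionError("not a regular file: %r" % path)
    raise PermissionError("outside the allowed directories: %r" % path)


def is_allowed(path, allowed_dirs):
    try:
        resolve_allowed_source(path, allowed_dirs)
        return True
    except PermissionError:
        return False


def demo():
    """Build a constructed directory tree and run the check over it."""
    with tempfile.TemporaryDirectory() as top:
        images = os.path.join(top, "images")        # the only allowed directory
        sibling = os.path.join(top, "images-old")   # shares a string prefix
        os.mkdir(images)
        os.mkdir(sibling)
        paths = {
            "image": os.path.join(images, "vm.img"),
            "sibling": os.path.join(sibling, "vm.img"),
            "private": os.path.join(top, "private.key"),
        }
        for p in paths.values():
            open(p, "w").close()
        paths["dotdot"] = os.path.join(images, "..", "private.key")
        paths["symlink"] = os.path.join(images, "link.img")
        os.symlink(paths["private"], paths["symlink"])
        paths["directory"] = images
        return {name: is_allowed(p, [images]) for name, p in paths.items()}
```

The copy step should read from the canonical path returned by `resolve_allowed_source`, not from the caller-supplied string, so that the file checked is the file copied.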
