Skip to content
This repository has been archived by the owner on May 2, 2023. It is now read-only.

Validate against directory traversal for arguments #42

Open
lumjjb opened this issue Oct 25, 2018 · 2 comments
Open

Validate against directory traversal for arguments #42

lumjjb opened this issue Oct 25, 2018 · 2 comments
Labels
good first issue Good for newcomers help wanted Extra attention is needed

Comments

@lumjjb
Copy link
Member

lumjjb commented Oct 25, 2018

Check if it is possible to perform directory traversal attacks against the runtime and protect against them if possible.

Where this may come up is in the specifying of the .nabla file being specified when passed to runnc-cont/nabla-run.
@lumjjb lumjjb added help wanted Extra attention is needed good first issue Good for newcomers labels Oct 25, 2018
@lumjjb
Copy link
Member Author

lumjjb commented Nov 6, 2018

test it by creating a simple container that’s like

FROM bt/nabla-node-base
ENTRYPOINT ["../../../../../../some.nabla"] or ENTRYPOINT["/some.nabla"]

and have the some.nabla be somewhere in the host file system
so the solution would to ensure that ENTRYPOINT resolves to it’s own root
so like ../../some.nabla should resolve to /some.nabla before setting the nabla launch path to container_rootfs/ENTRYPOINT

@hiteshkotian
Copy link

Working on this

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
good first issue Good for newcomers help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lumjjb @hiteshkotian