Re: Server file access on godbolt


Matt Godbolt

Nov 1, 2019, 2:08:09 PM
to kieran....@ideasonboard.com, compiler-explo...@googlegroups.com
Hi!

Thanks for the kind words, and for your email. There's not too much to worry about: CE runs in a pretty strong sandbox - https://github.com/mattgodbolt/compiler-explorer/tree/master/etc/firejail lists all the things that are walled off. Additionally you can execute user code on Compiler Explorer anyway, so pretty much all files are carefully sandboxed :)

That said: I took a look at the info you linked - is there anything in particular you think is "leaky" ? The info you showed are all pretty much public information (it's well known we run on ec2 instances), and the rest is public or not (to me anyway) interesting. I don't think `/etc/passwd` has been useful for cracking/hacking since the 90s :D But I could be wrong...

Thanks!!!

--matt :)

On Fri, Nov 1, 2019 at 11:11 AM Kieran Bingham <kieran....@ideasonboard.com> wrote:
Hi Matt,

Firstly, Thank you for making the Compiler Explorer. It's awesome.

Secondly, I wanted to highlight this to you without going through the
public issue channels, as I don't want this to get abused and affect
your servers.

This afternoon I saw a great trick to compile-time random bytes:

> https://twitter.com/thephantomderp/status/1190284414053441536?s=20

which links to :
        https://godbolt.org/z/zoI4KP

And simply does:

> #include <embed>
>       
> auto random_str = std::embed("/dev/urandom", 32);

But that seems to leave lots of access open to your servers:

For example, I've just been playing with:

        https://godbolt.org/z/wFD-Dv

> #include <embed>
>
> auto self_cmdline = std::embed("/proc/self/cmdline", 4096);
> auto self_env = std::embed("/proc/self/environ", 4096);
>
> auto cpuinfo = std::embed("/proc/cpuinfo", 4096);
> auto mounts = std::embed("/proc/mounts", 4096);
> auto cmdline = std::embed("/proc/cmdline", 4096);
> auto home = std::embed("/etc/passwd", 4096);


which ... retrieves plenty of interesting information.

Fortunately, a lot of access does seem to be locked down, so I hope that
this is 'mostly' harmless.

--
Regards
--
Kieran


--
Matt

Kieran Bingham

Nov 4, 2019, 5:10:35 AM
to Matt Godbolt, compiler-explo...@googlegroups.com
Hi Matt,

On 01/11/2019 18:07, Matt Godbolt wrote:
> Hi!
>
> Thanks for the kind words, and for your email. There's not too much to
> worry about: CE runs in a pretty strong sandbox
> - https://github.com/mattgodbolt/compiler-explorer/tree/master/etc/firejail lists
> all the things that are walled off.

Ok good :-D

> Additionally you can execute user
> code on Compiler Explorer anyway, so pretty much all files are carefully
> sandboxed :)

Aha - indeed, well then just reading files is a mere drop compared to
what /could/ be done then. So I don't think there's any issue here.

> That said: I took a look at the info you linked - is there anything in
> particular you think is "leaky" ? The info you showed are all pretty
> much public information (it's well known we run on ec2 instances), and
> the rest is public or not (to me anyway) interesting. I don't think
> `/etc/passwd` has been useful for cracking/hacking since the 90s :D But
> I could be wrong...

/etc/passwd was just how I glanced to see what users were available on
the system. I'm no infosec, just a kernel developer, so I don't know all
the current vulnerabilities - but seeing lots of open information seemed
worrisome to me.

But if you're not worried - then I'm not :-D

--
Cheers

Kieran

> Thanks!!!
>
> --matt :)
>
> On Fri, Nov 1, 2019 at 11:11 AM Kieran Bingham
> <kieran....@ideasonboard.com
--
Regards
--
Kieran

Matt Godbolt

Nov 4, 2019, 8:57:27 AM
to compiler-explo...@googlegroups.com, kieran....@ideasonboard.com
Awesome, thanks! I'm somewhat naive about this so I don't want to appear _too_ confident, especially if you have some expertise!

Thanks for taking the time to report this :)

--matt



--
Matt
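
Added example (not part of the thread, and not Compiler Explorer's own code): a small audit to run inside the same sandbox as the compiler. It reports which of the paths probed in the thread are readable and whether the process environment carries credential-looking variable names. The name pattern, function names and report layout are assumptions made for illustration.

```python
import re

# Paths probed in the thread; run this inside the same sandbox as the compiler.
PROBE_PATHS = [
    "/proc/self/cmdline", "/proc/self/environ", "/proc/cpuinfo",
    "/proc/mounts", "/proc/cmdline", "/etc/passwd",
]

# Assumption: variable names matching this pattern deserve a manual review.
SECRET_NAME = re.compile(r"(KEY|TOKEN|SECRET|PASSW|CREDENTIAL)", re.I)


def parse_environ(blob: bytes) -> dict:
    """Split a NUL-separated /proc/<pid>/environ image into {name: value}."""
    env = {}
    for entry in blob.split(b"\0"):
        name, sep, value = entry.partition(b"=")
        if name and sep:  # skip empty and malformed entries
            env[name.decode(errors="replace")] = value.decode(errors="replace")
    return env


def secret_like_names(env: dict) -> list:
    """Return names only, never values, so the report is safe to share."""
    return sorted(n for n in env if SECRET_NAME.search(n))


def readable(path: str, limit: int = 4096) -> bool:
    """True if the sandboxed process can open and read the path."""
    try:
        with open(path, "rb") as fh:
            fh.read(limit)
        return True
    except OSError:
        return False


def audit(paths=PROBE_PATHS) -> dict:
    """Readability of each path plus secret-looking environment names."""
    report = {p: readable(p) for p in paths}
    try:
        with open("/proc/self/environ", "rb") as fh:
            report["secret_like_env"] = secret_like_names(parse_environ(fh.read()))
    except OSError:
        report["secret_like_env"] = []
    return report


if __name__ == "__main__":
    for item, result in audit().items():
        print(f"{item}: {result}")
```

A readable /etc/passwd or /proc/cpuinfo is expected in most sandboxes; a non-empty `secret_like_env` list is the result that warrants follow-up.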