Hi all

Björn Kautler found a problem in the documented method to
migrate existing repos to gitolite. If your gitolite.conf has
permissions for "@all" repos, or to a regex that matches one of
the repos being migrated, then, after the repo has been moved,
but before someone runs step 3 of [1], it is possible for valid
users with rights to said repos to gain access to the
repository in ways they normally should not be able to.

The initial fix was to add to the documentation a warning that
administrators should disable writes (as per [2]), but later I
decided to fix it in code.

Note that this cannot be exploited unless the attacker knows
when you are migrating repos. Also, it makes a log entry for
such access, so it cannot be silently exploited either.

Thanks again to Björn Kautler for catching this!

regards
sitaram

[1]: http://gitolite.com/gitolite/basic-admin/#appendix-1-bringing-existing-repos-into-gitolite
[2]: http://gitolite.com/gitolite/odds-and-ends/#disabling-pushes-to-take-backups
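
A pre-migration check for the condition described in the message above, as an added example that is not part of the original message or of gitolite itself: it lists the rules in a gitolite.conf that would already apply to a repo the moment it is moved in, through "@all" or a matching repo regex. The function names, the sample conf and the simplified parsing (no includes, named repo groups other than @all not expanded, patterns matched against the whole repo name) are assumptions.

```python
import re

# Constructed sample gitolite.conf for illustration (not from the original message).
SAMPLE_CONF = """\
repo gitolite-admin
    RW+ = admin

repo @all
    R   = @staff

repo proj/[a-z]+
    RW  = alice bob

repo website
    RW+ = carol
"""

# Permission field that starts an access rule line (e.g. R, RW, RW+, RW+CD, -).
RULE_PERM = re.compile(r"^(-|C|R|RW\+?C?D?M?)$")

def _matches(pattern, repo):
    """Whole-name regex match; an unparsable pattern is treated as no match."""
    try:
        return re.fullmatch(pattern, repo) is not None
    except re.error:
        return False

def rules_covering(conf_text, migrating):
    """Return (repo_pattern, repo, rule) for every rule that already covers a
    repo in `migrating`. Simplified parser: see the assumptions in the lead-in."""
    hits, patterns = [], []
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if line.startswith("repo "):
            patterns = line.split()[1:]          # names/regexes of this stanza
            continue
        if "=" not in line:
            continue
        left = line.split("=", 1)[0].split()
        if not left or not RULE_PERM.match(left[0]):
            continue                             # group definition, option, config
        rule = " ".join(line.split())
        for pat in patterns:
            for repo in migrating:
                if pat == "@all" or (not pat.startswith("@") and _matches(pat, repo)):
                    hits.append((pat, repo, rule))
    return hits

if __name__ == "__main__":
    for pat, repo, rule in rules_covering(SAMPLE_CONF, ["proj/legacy", "oldtool"]):
        print(f"{repo}: already covered by 'repo {pat}' -> {rule}")
```

Any hit means the repo is reachable under that rule during the window described above, so writes should be disabled as per [2] until the migration steps are complete.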