Bug #20271

closed

Safe mode rendering does not correctly prevent using symbol to proc calls

Added by Tomer Brisker about 7 years ago. Updated about 6 years ago.

Status: Closed
Priority: High
Assignee:
Category: Security
Target version:

Description

Using methods such as `.each`, a user can pass as an argument a symbol to be called, for example `.each(&:delete)`.
This allows execution of commands that should be blocked by the jail.
A fix proposal in the safemode gem has been suggested: https://github.com/svenfuchs/safemode/pull/23
Once it is merged we should update our version of the gem to the latest one.
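To make the mechanism in the description concrete, here is an added toy illustration in Ruby (not code from safemode or Foreman; `Jail`, `HardenedJail` and `JailError` are names assumed here). The jail allowlists methods per class, so an explicit call in a template is caught, yet `.each(&:clear)` slips past it because `Symbol#to_proc` invokes the method on the raw yielded element; jailing the yielded values is one way to close that path, chosen for this example and not necessarily what the linked PR does.

```ruby
# Constructed example, not the safemode gem's code; JailError, Jail and
# HardenedJail are hypothetical names. Jail models the runtime allowlist
# check that safemode-style rendering routes every template call through.
class JailError < StandardError; end
class Jail < BasicObject
  ALLOWED = { ::Array => [:each, :size], ::String => [:upcase, :size] }.freeze
  def initialize(obj); @obj = obj; end

  def method_missing(name, *args, &block)
    klass = ALLOWED.keys.find { |k| k === @obj }
    unless klass && ALLOWED[klass].include?(name)
      ::Kernel.raise ::JailError, "#{name} is not allowed on #{klass || @obj.class}"
    end
    # Defect modelled here: the block is forwarded untouched, so a Symbol#to_proc
    # block such as &:clear calls the method on the raw yielded value.
    @obj.__send__(name, *args, &block)
  end
end

# One mitigation (chosen for this example, not necessarily the linked PR's):
# jail every yielded value before the block sees it, so &:sym hits the jail too.
class HardenedJail < Jail
  def method_missing(name, *args, &block)
    return super unless block
    wrapped = ::Proc.new { |*ys| block.call(*ys.map { |y| ::HardenedJail.new(y) }) }
    super(name, *args, &wrapped)
  end
end
SAMPLE = ["alpha", "beta"].freeze # constructed input; copied before each run

# Explicit call as the source rewrite would emit it: the allowlist blocks it.
def explicit_call_blocked?
  Jail.new(SAMPLE.map(&:dup)).each { |s| Jail.new(s).clear }
  false
rescue JailError
  true
end

# Block-pass bypass: String#clear runs on every element although not allowed.
def symbol_to_proc_escape
  data = SAMPLE.map(&:dup)
  Jail.new(data).each(&:clear)
  data # => ["", ""]
end

# The same call against the hardened jail is intercepted before anything runs.
def hardened_result
  data = SAMPLE.map(&:dup)
  HardenedJail.new(data).each(&:clear)
  [data, nil]
rescue JailError => e
  [data, e.message] # => [["alpha", "beta"], "clear is not allowed on String"]
end
```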


Related issues (1: 0 open, 1 closed)

Copied to Katello - Bug #20836: Safe mode rendering does not correctly prevent using symbol to proc calls (Closed, Marek Hulán, 07/11/2017)
#1

Updated by Marek Hulán about 7 years ago

  • Category changed from Templates to Security
#2

Updated by Marek Hulán about 7 years ago

This should be probably cherry-picked to all supported Foreman versions.

#3

Updated by Tomer Brisker about 7 years ago

  • Bugzilla link set to 1469599
#4

Updated by The Foreman Bot about 7 years ago

  • Status changed from New to Ready For Testing
  • Assignee set to Tomer Brisker
  • Pull request https://github.com/theforeman/foreman/pull/4659 added
#5

Updated by Daniel Lobato Garcia about 7 years ago

  • Release set to 276
#6

Updated by Anonymous about 7 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
#7

Updated by Alex Fisher about 7 years ago

This possibly should be reopened until https://github.com/theforeman/community-templates/issues/406 is resolved.

#8

Updated by Daniel Lobato Garcia about 7 years ago

The fix is fine, on nightly it prevents using `&:`. The linked GH issue with templates not being 'aware' of this fix is a different thing.

#9

Updated by The Foreman Bot about 7 years ago

  • Pull request https://github.com/theforeman/community-templates/pull/407 added
#10

Updated by The Foreman Bot about 7 years ago

  • Pull request https://github.com/theforeman/foreman/pull/4669 added
#11

Updated by The Foreman Bot about 7 years ago

  • Pull request https://github.com/theforeman/community-templates/pull/411 added
#12

Updated by Marek Hulán about 7 years ago

  • Copied to Bug #20836: Safe mode rendering does not correctly prevent using symbol to proc calls added