Skip to content

Add validation to allowed directories on config load #1144

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 10 commits into
base: main
Choose a base branch
from
Open

Add validation to allowed directories on config load #1144

wants to merge 10 commits into from

Conversation

sean-breen
Copy link
Contributor

Proposed changes

Adds some validation of paths when loading the allowed directories.

Allowed paths must:

  • be absolute
  • not contain any relative portions (.,..,etc)
  • contain any unsupported characters

Any files not satisfying this criteria will be ignored, and logged at WARN level.

When checking if a path is allowed using isAllowedDir, we will now check if the path exists and if it does we will perform a symlink check. Any symlinks will be logged and the function will return false.

Checklist

Before creating a PR, run through this checklist and mark each as complete.

  • I have read the CONTRIBUTING document
  • I have run make install-tools and have attached any dependency changes to this pull request
  • If applicable, I have added tests that prove my fix is effective or that my feature works
  • If applicable, I have checked that any relevant tests pass after adding my changes
  • If applicable, I have updated any relevant documentation (README.md)
  • If applicable, I have tested my cross-platform changes on Ubuntu 22, Redhat 8, SUSE 15 and FreeBSD 13

@sean-breen sean-breen requested a review from a team as a code owner June 25, 2025 15:05
@github-actions github-actions bot added the chore Pull requests for routine tasks label Jun 25, 2025
@dhurley dhurley added the v3.x Issues and Pull Requests related to the major version v3 label Jun 27, 2025
aphralG
aphralG reviewed Jul 1, 2025
View reviewed changes
internal/config/types.go
// isAllowedDir checks if the given path is in the list of allowed directories.
// It returns true if the path is allowed, false otherwise.
// If the path does not exist, it logs a warning and returns false.
// It also checks if the path is a file, in which case it checks the directory of the file.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the part about if path doesn't exist might cause issues when this PR goes in #1134. From my understanding a directory that does not exist can be refrenced

Copy link
Contributor Author

@sean-breen sean-breen Jul 1, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Removed that portion so I'll update the comment, thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aphralG aphralG aphralG left review comments

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
chore Pull requests for routine tasks v3.x Issues and Pull Requests related to the major version v3
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@sean-breen @aphralG @dhurley