std.ssh action can be used to explore executor's filesystem
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mistral |
Fix Released
|
High
|
Adriano Petrich |
Bug Description
Since std.ssh private_
mistral run-action std.ssh '{"cmd"
{"result": "Failed to run action [action_ex_id=None, action_cls='<class 'mistral.
'ls' on [u'127.
mistral run-action std.ssh '{"cmd"
{"result": "Failed to run action [action_ex_id=None, action_cls='<class 'mistral.
This can help detect the nature of the underlying system:
mistral run-action std.ssh '{"cmd"
{"result": "Failed to run action [action_ex_id=None, action_cls='<class 'mistral.
-> Hello Debian based system!
This behavior is not present in pike (haven't tested versions in between pike and master) because it does not allow absolute path.
CVE References
Changed in mistral: | |
milestone: | rocky-3 → rocky-rc1 |
Changed in mistral: | |
milestone: | rocky-rc1 → rocky-rc2 |
Changed in mistral: | |
milestone: | rocky-rc2 → stein-1 |
information type: | Private Security → Public Security |
Changed in mistral: | |
status: | Confirmed → In Progress |
I only see two options out of this problem:
1) Remove the possibility to use absolute path but this might break stuff
2) Put a generic error message for both (file does not exist or file exists but is not a valid key) that does not disclose the existence of the file. Something like "Cannot use private key [...]"