forked from forgejo/forgejo
Mitigate Security vulnerability in the git hook feature (#13058)
* Extend git hook warning in the UI. Git hooks are a dangerous feature; administrators should be warned before giving the git hook privilege to users.
* Disable Git hooks by default and add warning. Git hooks are a dangerous feature (see warning text) that should only be enabled if the administrator was informed about the risk involved.

Co-authored-by: Niklas Goerke <goerke@fzi.de>
parent d49242287d
commit 8fe8ab5cbf
3 changed files with 15 additions and 5 deletions
@ -388,8 +388,13 @@ relation to port exhaustion.
authentication.
- `REVERSE_PROXY_AUTHENTICATION_EMAIL`: **X-WEBAUTH-EMAIL**: Header name for reverse proxy
authentication provided email.
- `DISABLE_GIT_HOOKS`: **false**: Set to `true` to prevent all users (including admin) from creating custom
git hooks.
- `DISABLE_GIT_HOOKS`: **true**: Set to `false` to enable users with git hook privilege to create custom git hooks.
WARNING: Custom git hooks can be used to perform arbitrary code execution on the host operating system.
This enables the users to access and modify this config file and the Gitea database and interrupt the Gitea service.
By modifying the Gitea database, users can gain Gitea administrator privileges.
It also enables them to access other resources available to the user on the operating system that is running the
Gitea instance and perform arbitrary actions in the name of the Gitea OS user.
This maybe harmful to you website or your operating system.
- `ONLY_ALLOW_PUSH_IF_GITEA_ENVIRONMENT_SET`: **true**: Set to `false` to allow local users to push to gitea-repositories without setting up the Gitea environment. This is not recommended and if you want local users to push to gitea repositories you should set the environment appropriately.
- `IMPORT_LOCAL_PATHS`: **false**: Set to `false` to prevent all users (including admin) from importing local path on server.
- `INTERNAL_TOKEN`: **\<random at every install if no uri set\>**: Secret used to validate communication within Gitea binary.
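Review bot: flipping the documented default of `DISABLE_GIT_HOOKS` from **false** to **true** in this hunk changes behaviour for every existing instance that never set the key, so upgraded installs will find their custom hooks silently disabled; the commit message or changelog should call this out as a breaking change, and the new description could tell administrators that setting `DISABLE_GIT_HOOKS = false` restores the previous behaviour. The added warning text also has typos: `This maybe harmful to you website or your operating system.` should read `This may be harmful to your website or your operating system.`, and `This enables the users to access and modify this config file` reads better as `This enables users to access and modify this config file`. Pre-existing but visible in the context: `- IMPORT_LOCAL_PATHS: **false**: Set to false to prevent ...` is self-contradictory when the default is already `false`; consider rewording it to describe what setting it to `true` allows.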