undefined | Better HN

0 pointsajross8mo ago0 comments

I can only repeat the assertion: if you have a victim pulling and installing untrusted tarballs, there is no security boundary being crossed.

It doesn't matter whether it's "from a repo". If you can't trust the repo it can feed you whatever it wants.

0 comments

deathanatos8mo ago

You're not installing the untrusted tarball; helm is merely supposed to be extracting it, and then rendering the templates contained within.

(Those templates, once rendered, might then refer to pods, etc. that might be put into a k8s cluster (or perhaps we merely render then YAML, and never `apply` it), and in that sense, one might imagine that that is an install, but that's not the security boundary being crossed here; this would presumably result in execution on the host running helm, which would definitely be surprising.)

ajrossOP8mo ago

You're quibbling over the meaning of "install" but apparently conceding the part about untrusted? OK, fair enough. I still argue that any process involving the extraction and (ahem) "rendering of contained templates" from untrusted sources is broken in ways a fix for this particular symlink issue isn't going to address.

deathanatos8mo ago

Yes? I don't find that that odd.

Certainly, it would be better to trust the upstream completely, but let's not kid ourselves? See the entire current state of software supply chain in the industry.

But when I visit a website, I don't expect the website to LCE me. Why should turning a YAML adlib into YAML LCE me, regardless of the trust of the upstream. This is not a privilege I'm expecting to give the upstream ever, and this behavior is a clear security bug, to me…

j / k navigate · click thread line to collapse

0 comments

deathanatos8mo ago

You're not installing the untrusted tarball; helm is merely supposed to be extracting it, and then rendering the templates contained within.

ajrossOP8mo ago

deathanatos8mo ago

Yes? I don't find that that odd.

Certainly, it would be better to trust the upstream completely, but let's not kid ourselves? See the entire current state of software supply chain in the industry.

j / k navigate · click thread line to collapse