Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent writing outside allowed directories list from a config payload with actions #766

Merged
merged 4 commits into from
Aug 8, 2024
Merged

Prevent writing outside allowed directories list from a config payload with actions #766

merged 4 commits into from
Aug 8, 2024

Conversation

oliveromahony
Copy link
Contributor

@oliveromahony oliveromahony commented Aug 1, 2024
edited
Loading

Proposed changes

  • Prevent Agent from writing config files in certain circumstances outside of the allowed directories list
  • Add reporting of allow list to AgentDetails

Checklist

Before creating a PR, run through this checklist and mark each as complete.

  • I have read the CONTRIBUTING document
  • I have run make install-tools and have attached any dependency changes to this pull request
  • If applicable, I have added tests that prove my fix is effective or that my feature works
  • If applicable, I have checked that any relevant tests pass after adding my changes
  • If applicable, I have updated any relevant documentation (README.md)
  • If applicable, I have tested my cross-platform changes on Ubuntu 22, Redhat 8, SUSE 15 and FreeBSD 13

@github-actions github-actions bot added chore Pull requests for routine tasks dependencies documentation Improvements or additions to documentation labels Aug 1, 2024
@oliveromahony oliveromahony changed the title Add allow list to AgentDetails Prevent Agent from writing outside allowed directories list from a config payload with actions Aug 7, 2024
@oliveromahony oliveromahony changed the title Prevent Agent from writing outside allowed directories list from a config payload with actions Prevent writing outside allowed directories list from a config payload with actions Aug 7, 2024
dhurley
dhurley approved these changes Aug 7, 2024
View reviewed changes
sdk/proto/agent.proto Outdated Show resolved Hide resolved
@oliveromahony oliveromahony merged commit 3dc98f3 into main Aug 8, 2024
28 checks passed
@oliveromahony oliveromahony deleted the add-allow-list-test branch August 8, 2024 11:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aphralG aphralG aphralG approved these changes

@dhurley dhurley dhurley approved these changes

@craigell craigell Awaiting requested review from craigell

@spencerugbo spencerugbo Awaiting requested review from spencerugbo

Assignees
No one assigned
Labels
chore Pull requests for routine tasks dependencies documentation Improvements or additions to documentation
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@oliveromahony @dhurley @aphralG