Delete symlinks after extracting files
What does this MR do and why?
Updates the untar_zxf and untar_xf methods to delete symlinks after the files are extracted, so that the methods are secure by default against symlink attacks.
Related to: Automatically perform validations / symlink cle... (#384591 - closed)
Screenshots or screen recordings
GitLab Direct Transfer
How to set up and validate locally
The untar_zxf method is used to decompress the project export archive. To check that symlinks are deleted before the files are imported, export a project via the UI (Project -> Settings -> Advanced -> Export Project).
Download the project export file, extract it, and replace one of the files with a symlink. For example, project archives contain a VERSION file: replace VERSION with a symlink, compress the files back into a tar.gz, and import the archive via New Project -> Import Project -> GitLab Export. The import should fail, because the VERSION file (now a deleted symlink) is not found.
The untar_xf method is used by GitLab Direct Transfer to extract relation files. Because GitLab Direct Transfer downloads the files from the source instance automatically, testing requires modifying the response sent by the source instance; one option is to put a proxy in between.
Below is a Node proxy that can be used.
To use proxy.js, extract it, create an uploads.tar.gz, and start the proxy with node proxy.js.
The content of uploads.tar.gz should be something like this:
.
├── cecf99ba2b4401b0ebaf3ac6d361cdc6
│   └── security.txt -> /Users/rodrigotomonari/Sites/g/gitlab/security.txt
└── e79c56d85abc19ad52fd33be4550743d
    └── cat.jpg
Then, when using GitLab Direct Transfer, give the proxy's address as the source instance URL, for example: http://gdk.test:3002
After importing the group/project, the symlinked upload must be gone and the regular file must still be served:
http://gdk.test:3000/NAMESPACE_PATH/-/uploads/cecf99ba2b4401b0ebaf3ac6d361cdc6/security.txt should return 404
http://gdk.test:3000/NAMESPACE_PATH/-/uploads/e79c56d85abc19ad52fd33be4550743d/cat.jpg should return 200
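The two manual checks above (the VERSION symlink in a project export, and the security.txt symlink in uploads.tar.gz) both rely on the same post-extraction step: walk the extracted tree with lstat, unlink anything that is a symlink, and only then let the importer read the files. The Ruby below is an added example written for this page, not GitLab's own implementation; the method names, the choice of shelling out to a system tar binary, and the constructed directory layout in demo_cleanup (which mirrors the uploads.tar.gz tree above) are assumptions made for the illustration.

```ruby
require 'fileutils'
require 'tmpdir'
require 'open3'

# Added example, not GitLab's own code: method names, the cleanup strategy
# shown here, and the use of the system `tar` binary are assumptions.

# Return every path under +dir+ whose lstat reports a symlink.
# lstat (not stat) is essential: stat follows the link and would report
# the type of the target, so a link to a regular file would be missed.
def find_symlinks(dir)
  Dir.glob(File.join(dir, '**', '*'), File::FNM_DOTMATCH).select do |path|
    next false if %w[. ..].include?(File.basename(path))

    File.lstat(path).symlink?
  end
end

# Delete the symlinks themselves (never their targets) and return the
# removed paths relative to +dir+, so callers can log or assert on them.
def remove_symlinks!(dir)
  links = find_symlinks(dir)
  links.each { |path| File.unlink(path) }
  links.map { |path| path.delete_prefix("#{dir}/") }.sort
end

# Extract a .tar.gz with the system tar, then strip symlinks before any
# caller reads the tree. Assumes a `tar` binary is on PATH.
def untar_zxf_and_clean(archive, dest)
  FileUtils.mkdir_p(dest)
  _out, err, status = Open3.capture3('tar', '-zxf', archive, '-C', dest)
  raise "tar failed: #{err}" unless status.success?

  remove_symlinks!(dest)
end

# Constructed scenario mirroring the uploads.tar.gz tree from the MR
# description: one upload directory holds a symlink pointing outside the
# archive, the other a regular file. Returns what a reviewer would check.
def demo_cleanup
  Dir.mktmpdir do |dir|
    link_dir = File.join(dir, 'cecf99ba2b4401b0ebaf3ac6d361cdc6')
    file_dir = File.join(dir, 'e79c56d85abc19ad52fd33be4550743d')
    FileUtils.mkdir_p([link_dir, file_dir])
    # Dangling target is fine: a symlink can be created without its target.
    File.symlink('/etc/hostname', File.join(link_dir, 'security.txt'))
    File.write(File.join(file_dir, 'cat.jpg'), 'constructed sample, not a real jpeg')

    removed = remove_symlinks!(dir)
    {
      removed: removed,
      link_gone: !File.symlink?(File.join(link_dir, 'security.txt')),
      file_kept: File.file?(File.join(file_dir, 'cat.jpg')),
      leftover_links: find_symlinks(dir)
    }
  end
end

p demo_cleanup if __FILE__ == $PROGRAM_NAME
```

Running the file prints the removed relative path (cecf99ba2b4401b0ebaf3ac6d361cdc6/security.txt), confirms the link is gone and cat.jpg is intact, and shows no leftover links, which is the same outcome the 404/200 checks above verify end to end through the importer.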
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.