sneak/upaas
1
0
Fork 0
Code Issues 21 Pull Requests 2 Actions Packages Projects Releases Wiki Activity

SECURITY: No validation on volume host paths allows arbitrary filesystem access #35

New Issue
Closed
opened 2026-02-16 06:56:31 +01:00 by clawbot · 1 comment
clawbot commented 2026-02-16 06:56:31 +01:00
Collaborator
Copy Link

Severity: HIGH

File: internal/handlers/app.go lines 525-545 (HandleVolumeAdd)

Description

When adding a volume mount, the host_path form value is accepted without any validation or sanitization. An authenticated user can specify any host path (e.g., /etc/shadow, /var/run/docker.sock, /) and it will be bind-mounted into the container.

While this is a single-user system and the user is already an admin, this is still a defense-in-depth concern:

  • If the session is hijacked, the attacker gets arbitrary filesystem access via container mounts
  • There's no allowlist or denylist of paths
  • No warning to the user about dangerous mounts

Suggested Fix

  1. Add a configurable allowed_volume_prefix (e.g., /data/) that restricts host paths
  2. At minimum, reject paths like /etc, /var/run/docker.sock, /proc, /sys
  3. Validate that paths are absolute and normalized (no .. traversal)
func isAllowedHostPath(path string) bool {
    cleaned := filepath.Clean(path)
    if cleaned != path {
        return false // path contains .., //, etc.
    }
    blocked := []string{"/etc", "/proc", "/sys", "/dev", "/var/run/docker.sock"}
    for _, b := range blocked {
        if strings.HasPrefix(cleaned, b) {
            return false
        }
    }
    return true
}
## Severity: HIGH ## File: `internal/handlers/app.go` lines 525-545 (HandleVolumeAdd) ## Description When adding a volume mount, the `host_path` form value is accepted without any validation or sanitization. An authenticated user can specify any host path (e.g., `/etc/shadow`, `/var/run/docker.sock`, `/`) and it will be bind-mounted into the container. While this is a single-user system and the user is already an admin, this is still a defense-in-depth concern: - If the session is hijacked, the attacker gets arbitrary filesystem access via container mounts - There's no allowlist or denylist of paths - No warning to the user about dangerous mounts ## Suggested Fix 1. Add a configurable `allowed_volume_prefix` (e.g., `/data/`) that restricts host paths 2. At minimum, reject paths like `/etc`, `/var/run/docker.sock`, `/proc`, `/sys` 3. Validate that paths are absolute and normalized (no `..` traversal) ```go func isAllowedHostPath(path string) bool { cleaned := filepath.Clean(path) if cleaned != path { return false // path contains .., //, etc. } blocked := []string{"/etc", "/proc", "/sys", "/dev", "/var/run/docker.sock"} for _, b := range blocked { if strings.HasPrefix(cleaned, b) { return false } } return true } ```
sneak commented 2026-02-16 07:09:03 +01:00
Owner
Copy Link

dupe #20

dupe #20
sneak closed this issue 2026-02-16 07:09:03 +01:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels   
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
notplanned

   
question

More information is needed

  
wontfix

This won't be fixed

No Label
bug
duplicate
enhancement
help wanted
invalid
notplanned
question
wontfix
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: sneak/upaas#35
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?