add retrievalSecurityPolicy
This will be used to protect against CVE-2018-10859, where an encrypted special remote is fed the wrong encrypted data, and so tricked into decrypting something that the user encrypted with their gpg key and did not store in git-annex. It also protects against CVE-2018-10857, where a remote follows a http redirect to a file:// url or to a local private web server. While that's already been prevented in git-annex's own use of http, external special remotes, hooks, etc use other http implementations and could still be vulnerable. The policy is not yet enforced, this commit only adds the appropriate metadata to remotes. This commit was sponsored by Boyd Stephen Smith Jr. on Patreon.
This commit is contained in:
parent
537935333f
commit
4315bb9e42
19 changed files with 91 additions and 2 deletions
|
@ -161,6 +161,7 @@ gen r u c gc
|
|||
, storeKey = copyToRemote new st
|
||||
, retrieveKeyFile = copyFromRemote new st
|
||||
, retrieveKeyFileCheap = copyFromRemoteCheap new st
|
||||
, retrievalSecurityPolicy = RetrievalAllKeysSecure
|
||||
, removeKey = dropKey new st
|
||||
, lockContent = Just (lockKey new st)
|
||||
, checkPresent = inAnnex new st
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue