lucab
commented
3 years ago Looking a bit more into GCP related material, the explicit 169.254.169.254 address is already referenced in a few places:
- in the docs, https://cloud.google.com/compute/docs/internal-dns/#access_by_internal_DNS
- in their Go client library, https://github.com/googleapis/google-cloud-go/blob/v0.86.0/compute/metadata/metadata.go#L39
Specifically, a comment in the Go library says this IP address is documented as being stable anyway.
jlebon
bgilbert
dustymabe
On GCP, both Ignition and Afterburn access the GCE metadata service via the hostname
metadata.google.internalwithout any further authentication of the service, as instructed by official documentation. An attack that rebinds that hostname can inject arbitrary code (Ignition) or SSH keys (Afterburn). There have been multiple exploits that involve poisoning that hostname via forged DHCP replies and a vulnerable DHCP hook calledgoogle_set_hostname. We don't ship that script, but since DNS poisoning in this case leads to trivial instance takeover, we should perhaps consider mitigations.metadata.google.internalresolves to 169.254.169.254. One option is to just hardcode that IP. It's not clear that Google has documented the address as stable, but it'd probably be hard to change it at this point. Other clouds use the same address.In the case of Ignition, another potential option is to query the metadata service before a globally routable address has been configured. However, that would require structural changes to Ignition, since merged configs are fetched in the same Ignition stage as the main config. It also wouldn't help Afterburn.
xref https://github.com/coreos/fedora-coreos-tracker/issues/885