search

gitpod-io / gitpod

The developer platform for on-demand cloud development environments to create software faster and more securely.
https://www.gitpod.io
GNU Affero General Public License v3.0
13.02k stars 1.25k forks source link

[Security] Block certain gp commands when sharing a workspace #6782

Open shaal opened 3 years ago

shaal commented 3 years ago

Is your feature request related to a problem? Please describe

Sharing a workspace, comes with a huge security flaw, because you also share your git credentials, and secrets stored in your user account.

Describe the behaviour you'd like

When a workspace is shared, the commands gp env (access to user variables) and gp credential-helper (access to git credentials) should be disabled. That way sharing a workspace with others becomes safe! Users I share the workspace with, can make changes in that specific workspace (that's what I specifically allowed when clicking "Share Workspace"), but they don't have access to my permissions or secrets. They can no longer access my other repos or information that I don't want to share.

Describe alternatives you've considered

My poor man's hack that I use until this feature is officially implemented, a script that removes the credential.helper line from ~/.gitconfig https://github.com/shaal/DrupalPod/pull/46/files#diff-6ed300724c7e75fd4724d06dd9f6d386c13c69e35037f3807aea78811235bafaR6

Additional context

loujaybee commented 2 years ago

Could end up as an IDE / gp CLI fix, or a workspace / global fix.

akosyakov commented 2 years ago

I don't think it should be fixed on level of GP cli, there are other way to fetch this data from workspace. We should rather reconsider how we do live collaboration in general.

cc @csweichel

csweichel commented 2 years ago

We should rather reconsider how we do live collaboration in general.

💯 agreed. The current sharing concept is much like handing over your laptop, and it would be rather hard adding restrictions to that.

shaal commented 2 years ago

The VSCode extension LiveShare (I wish Gitpod would create an open-source alternative to that), differentiate the type of sharing you can do with others -

akosyakov commented 2 years ago

@shaal one day 😄

stale[bot] commented 2 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

shaal commented 2 years ago

please add meta: never-stale label to this issue