Closed paul-tharun closed 1 week ago
Hello @paul-tharun, you are right that the .../files/entry API can be used to retrieve any file on the local file system. You would likely be able to achieve a similar effect by creating a model that uses DuckDB SQL to query an arbitrary file path on the local machine.
When running rill start on your local computer, we have a CORS policy in place preventing other websites open in your browser from exploiting these endpoints, but apart from that, we rely on the security of your local computer to guard against abuse from external clients. This is certainly not perfect, but similar to other local developer tools that expose capabilities on localhost.
When it comes to self-hosting Rill on a server exposed to the public internet, that is unfortunately not something we officially support or recommend at the moment (even though it is possible and some people do it, usually behind a proxy that does authentication). For deploying Rill projects, we recommend using Rill Cloud (see the docs for deployment instructions), which has various layers of protection that guard against these kinds of security issues.
Closing this issue since it seems related to self-hosting, which is not currently supported (but feel free to start a discussion around it in https://github.com/rilldata/rill/discussions). If you still think there's an issue with security on local, please let me know and I'll reopen the issue.
Describe the bug
The path in /v1/instances/{instance-id}/files/entry?path= is not escaped properly, leading to arbitrary read of any text file on the server.
To Reproduce
Steps to reproduce the behavior:
/v1/instances/{instance-id}/files/entry?path=../../../../../../../../../etc/passwd responds back with the contents of the /etc/passwd file
Expected behavior
User should only have access to their directory, should not be able to read other files on the server.
Additional context
The source of the bug is https://github.com/rilldata/rill/blob/00d9dc7410fdc8550b2a2245fd94ee1b3040d2f3/runtime/drivers/file/repo.go#L74-L86C9 , I can pick it up and open a PR if it is alright.
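The containment described under "Expected behavior", sketched as an added example that is not part of the issue or of Rill's code: a requested path is resolved against a root directory and rejected if it ends up outside it, whether through "../" segments or through a symlink. The helper name resolveInRoot, the error value and the sample root are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// ErrOutsideRoot reports a request that resolves outside the project root.
var ErrOutsideRoot = errors.New("path escapes root directory")

// resolveInRoot (hypothetical helper, not Rill's code) confines userPath to root.
func resolveInRoot(root, userPath string) (string, error) {
	absRoot, err := filepath.Abs(root)
	if err != nil {
		return "", err
	}
	// Compare real paths, so resolve symlinks in the root itself first.
	if absRoot, err = filepath.EvalSymlinks(absRoot); err != nil {
		return "", err
	}
	// Join also cleans the path, collapsing any "../" segments.
	candidate := filepath.Join(absRoot, userPath)
	// Resolve an existing target so a symlink inside root cannot point outside it.
	if realPath, err := filepath.EvalSymlinks(candidate); err == nil {
		candidate = realPath
	} else if !errors.Is(err, os.ErrNotExist) {
		return "", err
	}
	rel, err := filepath.Rel(absRoot, candidate)
	if err != nil {
		return "", err
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrOutsideRoot
	}
	return candidate, nil
}

func main() {
	root, _ := os.MkdirTemp("", "project") // constructed sample root
	defer os.RemoveAll(root)
	for _, p := range []string{"models/a.sql", "../../../../../../../../../etc/passwd"} {
		_, err := resolveInRoot(root, p)
		fmt.Printf("%-45s err=%v\n", p, err)
	}
}
```

A target that does not exist yet is checked lexically only, and the check is separate from the later open; on Go 1.24 and later, os.OpenRoot enforces the same confinement at open time.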