wiz-sec / open-cvdb

An open project to list all publicly known cloud vulnerabilities and CSP security issues
https://cloudvulndb.org
Creative Commons Attribution 4.0 International

[Contribution] Cloud Shell IDE issues #234

Open korniko98 opened 11 months ago

korniko98 commented 11 months ago

Summary (give a brief description of the issue)

Cloud Shell’s threat model did not match the threat model of the software it was built on. Most IDEs seem to operate under the assumption that if a user opens a project in their IDE, they trust the project. But Cloud Shell exposes an easy way to trick a user into opening a potentially untrusted project in a very privileged environment. This mismatch, plus the fact that Cloud Shell is built on top of lots of open-source software, leads to some fun bugs.

References (provide links to blogposts, etc.)

https://blog.daviddworken.com/posts/cloud-shell-bugs-explained/