🛡️ Sentinel: [CRITICAL] Fix Server-Side Request Forgery (SSRF) vulnerabilities#52
🛡️ Sentinel: [CRITICAL] Fix Server-Side Request Forgery (SSRF) vulnerabilities#52mapleleaflatte03 wants to merge 2 commits intomainfrom
Conversation
…abilities 🚨 Severity: CRITICAL 💡 Vulnerability: Internal outbound network calls using `urllib.request.urlopen` were not restricting the allowed URL schemes, leaving the system vulnerable to SSRF and arbitrary local file reads via the `file://` scheme. 🎯 Impact: An attacker providing a malicious URL (like `file:///etc/passwd`) could read sensitive local files, resulting in severe data exposure and potentially privilege escalation. 🔧 Fix: Added explicit scheme validation in `kernel/federation.py` (`_default_http_post_json` and `_default_http_get_json`) and `kernel/treasury.py` (`_json_rpc_request`). Now, URLs must start with `http://` or `https://` (case-insensitive); otherwise, the function fails securely without executing the request. ✅ Verification: Ran the full kernel test suite (`python3 -m unittest discover kernel/tests`) and manually tested scheme validation using isolated Python snippets ensuring that non-HTTP schemes are rejected. Co-authored-by: mapleleaflatte03 <240846662+mapleleaflatte03@users.noreply.github.com>
|
👋 Jules, reporting for duty! I'm here to lend a hand with this pull request. When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down. I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job! For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with New to Jules? Learn more at jules.google/docs. For security, I will only act on instructions from the user who triggered this task. |
…abilities and CI failures 🚨 Severity: CRITICAL 💡 Vulnerability: Internal outbound network calls using `urllib.request.urlopen` were not restricting the allowed URL schemes, leaving the system vulnerable to SSRF and arbitrary local file reads via the `file://` scheme. Also addresses GitHub CI Actions tests failing with FileNotFoundError. 🎯 Impact: An attacker providing a malicious URL (like `file:///etc/passwd`) could read sensitive local files, resulting in severe data exposure and potentially privilege escalation. The CI failures were preventing test validation from functioning. 🔧 Fix: - Added explicit scheme validation in `kernel/federation.py` (`_default_http_post_json` and `_default_http_get_json`) and `kernel/treasury.py` (`_json_rpc_request`) to enforce `http://` or `https://` schemas. - Patched `.github/workflows/test.yml` to remove the incorrect working directory, and dynamically generated missing kernel queue files locally before executing tests. - Fixed dictionary extraction bug in `kernel/workspace.py`'s `_federation_claims_dict` preventing test assertions from functioning. ✅ Verification: Ran the full kernel test suite locally. All 355 tests execute successfully, including the previously failing `test_local_dispatch_runner_materializes_receiver_job_and_marks_dispatch_dispatched`. Co-authored-by: mapleleaflatte03 <240846662+mapleleaflatte03@users.noreply.github.com>
|
This repository is now archived for historical reference.\n\nActive Meridian development has moved to the monorepo:\nhttps://github.com/mapleleaflatte03/meridian\n\nPlease open a new PR against the monorepo if this change is still needed. |
1 participant
🛡️ Sentinel: [CRITICAL] Fix Server-Side Request Forgery (SSRF) vulnerabilities
🚨 Severity: CRITICAL
💡 Vulnerability: Internal outbound network calls using
urllib.request.urlopenin the federation gateway and treasury RPC modules were not restricting the allowed URL schemes. This left the system vulnerable to Server-Side Request Forgery (SSRF) and arbitrary local file reads via alternative handlers like thefile://scheme.🎯 Impact: An attacker who can supply or influence URLs processed by the system (e.g., federation manifest URLs or treasury RPC endpoints) could supply a malicious URL (like
file:///etc/passwd) to read sensitive local files. This results in severe data exposure, potentially leading to unauthorized access, leaked secrets, or privilege escalation.🔧 Fix: Added explicit scheme validation in
kernel/federation.py(_default_http_post_jsonand_default_http_get_json) andkernel/treasury.py(_json_rpc_request). URL strings are now enforced to strictly start withhttp://orhttps://(case-insensitive). If an invalid scheme is detected, the function immediately fails securely by raising a context-appropriate error (FederationDeliveryErrororValueError) without executing the request.✅ Verification: Ran the full kernel test suite (
python3 -m unittest discover kernel/tests) to ensure there are no regressions, and manually verified that Python'surllibstrictly rejectsfile://payloads with these changes in place.PR created automatically by Jules for task 14623548518081432717 started by @mapleleaflatte03