Page MenuHomePhabricator

Correct an issue where "View Raw File" in Differential generated a file with overbroad permissions
ClosedPublic

Authored by epriestley on Mar 16 2017, 4:13 PM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Dec 17, 3:18 PM
Unknown Object (File)
Tue, Dec 17, 6:32 AM
Unknown Object (File)
Sat, Dec 14, 9:30 PM
Unknown Object (File)
Fri, Dec 13, 5:18 AM
Unknown Object (File)
Mon, Nov 25, 10:47 AM
Unknown Object (File)
Nov 17 2024, 12:47 PM
Unknown Object (File)
Nov 9 2024, 1:11 PM
Unknown Object (File)
Oct 22 2024, 9:54 AM
Subscribers
None

Details

Summary

Via HackerOne. When you view a raw file in Differential, we currently generate a permanent file with default permissions. This may be incorrect: default permissions may be broader than the diff's permissions.

The other three methods of downloading/viewing raw files ("Download" in Diffusion and Differential, "View Raw" in Diffusion and Differential) already apply policies correctly and generate temporary files. However, this workflow was missed when other workflows were updated.

Beyond updating the workflow, delete any files we've generated in the past. This wipes the slate clean on any security issues and frees up a little disk space.

Test Plan
  • Ran migration script, saw existing files get purged.
  • Did "View Raw File", got a new file.
  • Verified that the file was temporary and properly attached to the diff, with "NO ONE" permissions.
  • Double-checked that Diffusion already runs policy logic correctly and applies appropriate policies.
  • Double-checked that "Download Raw Diff" in Differential already runs policy logic correctly.
  • Double-chekced that "Download Raw Diff" in Diffusion already runs policy logic correctly.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable