Page MenuHomePhabricator

Prevent Repository local path edit from the web UI
ClosedPublic

Authored by epriestley on Nov 13 2013, 5:33 PM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Dec 18, 1:20 AM
Unknown Object (File)
Wed, Dec 11, 5:21 AM
Unknown Object (File)
Fri, Dec 6, 7:07 PM
Unknown Object (File)
Thu, Nov 28, 2:24 AM
Unknown Object (File)
Tue, Nov 26, 1:23 PM
Unknown Object (File)
Tue, Nov 26, 1:23 PM
Unknown Object (File)
Tue, Nov 26, 1:23 PM
Unknown Object (File)
Tue, Nov 26, 1:03 PM
Subscribers

Details

Summary

Ref T4039. This fixes an issue where a user with the ability to create repositories could view repositories he is otherwise not permitted to see, by following these steps:

  • Suppose you want to see repository "A".
  • Create a repository with the same VCS, called "B".
  • Edit the local path, changing "/var/repo/B" to "/var/repo/A".
  • Now it points at a working copy of a repository you can't see.
  • Although you won't be able to make it through discovery (the pull will fail with the wrong credentials), you can read some information out of the repository directly through the Diffusion UI, probably?

I'm not sure this was really practical to execute since there are a bunch of sanity checks along most/all of the major pathways, but lock it down since normal users shouldn't be editing it anyway. In the best case, this would make a mess.

Test Plan

{F81391}

Diff Detail

Lint
Lint Skipped
Unit
Tests Skipped