[lxc-devel] [lxd/master] Restrict events API
stgraber on Github
lxc-bot at linuxcontainers.org
Thu Oct 8 02:18:05 UTC 2020
From 811a47db881650b7b7d37f6a4a42261ee2f28fba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Wed, 7 Oct 2020 22:10:22 -0400
Subject: [PATCH 1/2] lxd/events: Validate type
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
lxd/events.go | 19 +++++++++++++++----
1 file changed, 15 insertions(+), 4 deletions(-)
diff --git a/lxd/events.go b/lxd/events.go
index afdbe93633..4cf186e40f 100644
--- a/lxd/events.go
+++ b/lxd/events.go
@@ -2,6 +2,7 @@ package main
import (
"context"
+ "fmt"
"net/http"
"strings"
@@ -11,6 +12,8 @@ import (
"github.com/lxc/lxd/shared/logger"
)
+var eventTypes = []string{"logging", "operation", "lifecycle"}
+
var eventsCmd = APIEndpoint{
Path: "events",
@@ -32,9 +35,17 @@ func (r *eventsServe) String() string {
func eventsSocket(d *Daemon, r *http.Request, w http.ResponseWriter) error {
project := projectParam(r)
- typeStr := r.FormValue("type")
- if typeStr == "" {
- typeStr = "logging,operation,lifecycle"
+ types := strings.Split(r.FormValue("type"), ",")
+ if len(types) == 1 && types[0] == "" {
+ types = eventTypes
+ }
+
+ // Validate event types.
+ for _, entry := range types {
+ if !shared.StringInSlice(entry, eventTypes) {
+ response.BadRequest(fmt.Errorf("'%s' isn't a supported event type", entry)).Render(w)
+ return nil
+ }
}
// Upgrade the connection to websocket
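Review bot: The rejection on the line `response.BadRequest(fmt.Errorf("'%s' isn't a supported event type", entry))` interpolates the client-supplied entry with `%s`; `%q` would quote and escape it so empty strings and control characters show up unambiguously in the response and in any log that records it: `response.BadRequest(fmt.Errorf("%q isn't a supported event type", entry)).Render(w)`. Separately, `types = eventTypes` aliases the package-level default slice, which is later passed to AddListener; if that callee ever sorts or appends in place, the shared default is silently altered for every later request, which `types = append([]string(nil), eventTypes...)` would avoid. The loop otherwise rejects anything outside eventTypes, including a blank entry produced by a trailing comma, so the later exact-string checks on the type list are safe to rely on. eventsSocket's body continues outside the hunk.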
@@ -59,7 +70,7 @@ func eventsSocket(d *Daemon, r *http.Request, w http.ResponseWriter) error {
// If this request is an internal one initiated by another node wanting
// to watch the events on this node, set the listener to broadcast only
// local events.
- listener, err := d.events.AddListener(project, c, strings.Split(typeStr, ","), serverName, isClusterNotification(r))
+ listener, err := d.events.AddListener(project, c, types, serverName, isClusterNotification(r))
if err != nil {
return err
}
From bdef9858b684a6e4a976fd1491668d209d310cd8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Wed, 7 Oct 2020 22:17:32 -0400
Subject: [PATCH 2/2] lxd/events: Prevent logging access to non-admin
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
lxd/events.go | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/lxd/events.go b/lxd/events.go
index 4cf186e40f..1c58ce99db 100644
--- a/lxd/events.go
+++ b/lxd/events.go
@@ -48,6 +48,11 @@ func eventsSocket(d *Daemon, r *http.Request, w http.ResponseWriter) error {
}
}
+ if shared.StringInSlice("logging", types) && !d.userIsAdmin(r) {
+ response.Forbidden(nil).Render(w)
+ return nil
+ }
+
// Upgrade the connection to websocket
c, err := shared.WebsocketUpgrader.Upgrade(w, r, nil)
if err != nil {
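Review bot: The added gate `if shared.StringInSlice("logging", types) && !d.userIsAdmin(r)` has no comment saying why the logging stream is admin-only, or that its exact-string match is sound only because the loop just above the hunk has already rejected every entry not in eventTypes, so a casing or whitespace variant cannot slip past it; a reader changing the validation later needs that link spelled out. A comment such as `// The "logging" stream is admin-only; types has already been validated against eventTypes, so an exact match is sufficient here.` would do. Placing the check before the websocket upgrade is right, since the denial is rendered as a plain HTTP response; rendering Forbidden and returning nil mirrors the BadRequest path above. eventsSocket begins and ends outside the hunk.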