open-nomad/client/allocrunner/taskrunner/getter
Michael Schurter 2965dc6a1a
artifact: fix numerous go-getter security issues
Fix numerous go-getter security issues:

- Add timeouts to http, git, and hg operations to prevent DoS
- Add size limit to http to prevent resource exhaustion
- Disable following symlinks in both artifacts and `job run`
- Stop performing initial HEAD request to avoid file corruption on
  retries and DoS opportunities.

**Approach**

Since Nomad has no ability to differentiate a DoS-via-large-artifact vs
a legitimate workload, all of the new limits are configurable at the
client agent level.

The max size of HTTP downloads is also exposed as a node attribute so
that if some workloads have large artifacts they can specify a high
limit in their jobspecs.

In the future all of this plumbing could be extended to enable/disable
specific getters or artifact downloading entirely on a per-node basis.
2022-05-24 16:29:39 -04:00
..
test-fixtures taskrunner getter set Umask for go-getter, setuid test 2019-08-23 15:59:03 -04:00
getter.go artifact: fix numerous go-getter security issues 2022-05-24 16:29:39 -04:00
getter_test.go artifact: fix numerous go-getter security issues 2022-05-24 16:29:39 -04:00
testing.go artifact: fix numerous go-getter security issues 2022-05-24 16:29:39 -04:00