-
Notifications
You must be signed in to change notification settings - Fork 112
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Security review: recover corrupt caches #1382
Security review: recover corrupt caches #1382
Comments
I've got things working on my branch @natalieparellano I went a different direction that we originally discussed. Instead of wiping out the cache, I am instead just ignoring the missing files. What do you think? Happy to do whatever. |
cc @jabrown85 |
Sounds good to me :) should we land this one? |
I think @joeybrown-sf was hoping to fix up a test or something? What remains here @joeybrown-sf ? |
Circling back, see discussion on buildpacks/lifecycle-private#16, our fix is working for volume caches, but for image caches we are NOT getting "layer not found" errors where we expect them (and hence are failing and bubbling up the error instead of skipping over the layer). This requires further investigation in imgutil. We added FIXMEs in the code so that it is apparent that the image cache flow requires further work. We could leave this issue open or create another issue that is specific to image caches. |
Summary
In the security review, this is
LOW-2: Denial-of-Service (DoS) provoked by removing build cache tarballs or altering the OCI image manifest
. The action plan asks us to ensure thatFurther context from the initial report:
Proposal
lifecycle/phase/restorer.go
Line 132 in 44b7041
lifecycle/phase/exporter.go
Line 395 in 44b7041
Alternatively, we considered updating the cache metadata to exclude the layer/tarball that is missing. But, we are not sure if this scenario is common enough to warrant such a surgical approach.
Related
RFC #___
Context
The text was updated successfully, but these errors were encountered: