From 8fe8ab5cbf2977f3a01ea12361df2cd76dce3ea9 Mon Sep 17 00:00:00 2001 From: Niklas Goerke Date: Wed, 7 Oct 2020 11:55:13 +0200 Subject: Mitigate Security vulnerability in the git hook feature (#13058) * Extend git hook warning in the UI. Git hooks are a dangerous feature, administrators should be warned before giving the git hook privilege to users. * Disable Git hooks by default and add warning. Git hooks are a dangerous features (see warning text) that should only be enabled if the administrator was informed about the risk involved. Co-authored-by: Niklas Goerke --- docs/content/doc/advanced/config-cheat-sheet.en-us.md | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'docs/content/doc') diff --git a/docs/content/doc/advanced/config-cheat-sheet.en-us.md b/docs/content/doc/advanced/config-cheat-sheet.en-us.md index dc3979a64d..c2a12a1d8f 100644 --- a/docs/content/doc/advanced/config-cheat-sheet.en-us.md +++ b/docs/content/doc/advanced/config-cheat-sheet.en-us.md @@ -388,8 +388,13 @@ relation to port exhaustion. authentication. - `REVERSE_PROXY_AUTHENTICATION_EMAIL`: **X-WEBAUTH-EMAIL**: Header name for reverse proxy authentication provided email. -- `DISABLE_GIT_HOOKS`: **false**: Set to `true` to prevent all users (including admin) from creating custom - git hooks. +- `DISABLE_GIT_HOOKS`: **true**: Set to `false` to enable users with git hook privilege to create custom git hooks. + WARNING: Custom git hooks can be used to perform arbitrary code execution on the host operating system. + This enables the users to access and modify this config file and the Gitea database and interrupt the Gitea service. + By modifying the Gitea database, users can gain Gitea administrator privileges. + It also enables them to access other resources available to the user on the operating system that is running the + Gitea instance and perform arbitrary actions in the name of the Gitea OS user. + This maybe harmful to you website or your operating system. - `ONLY_ALLOW_PUSH_IF_GITEA_ENVIRONMENT_SET`: **true**: Set to `false` to allow local users to push to gitea-repositories without setting up the Gitea environment. This is not recommended and if you want local users to push to gitea repositories you should set the environment appropriately. - `IMPORT_LOCAL_PATHS`: **false**: Set to `false` to prevent all users (including admin) from importing local path on server. - `INTERNAL_TOKEN`: **\**: Secret used to validate communication within Gitea binary. -- cgit v1.2.3