Ticket #120 (closed enhancement: fixed)

Opened 5 years ago

Last modified 5 years ago

Security audit

Reported by: dread Owned by: dread
Priority: major Milestone: v0.10
Component: ckan Keywords:
Cc: Repository:
Theme:

Description (last modified by rgrp) (diff)

Look for all places where model is accessed and check authorization is checked.

Document holes (and, as necessary, suggestions for fixes) as new tickets. Likely areas that need looking at:

  • search i/f
  • package WUI commit

Write holes are obviously much more significant to us than read holes.

Change History

comment:1 Changed 5 years ago by rgrp

  • Description modified (diff)

comment:2 Changed 5 years ago by dread

  • Status changed from new to closed
  • Resolution set to fixed

Found two security holes, both only in READ access (not write). Tickets raised for holes:

  • ticket:132 - REST listing packages & groups
  • ticket:133 - search package/group (WUI & REST)

Full details of files checked:

  $ find . -name "*.py" | xargs grep "import ckan.model"
  ./ckan/presentation.py:import ckan.model as model REMOVED - unused
  ./ckan/tests/functional/test_group_edit_authz.py:import ckan.model as model - not runtime
  ./ckan/tests/functional/test_rest.py:import ckan.model as model - not runtime
  ./ckan/tests/functional/test_package.py:import ckan.model as model - not runtime
  ./ckan/tests/functional/test_user.py:import ckan.model as model - not runtime
  ./ckan/tests/functional/test_tag.py:import ckan.model as model - not runtime
  ./ckan/tests/functional/test_group.py:import ckan.model as model - not runtime
  ./ckan/tests/functional/test_package_edit_authz.py:import ckan.model as model - not runtime
  ./ckan/tests/functional/test_revision.py:import ckan.model as model - not runtime
  ./ckan/tests/functional/test_authz.py:import ckan.model as model - not runtime
  ./ckan/tests/test_search.py:import ckan.model as model - not runtime
  ./ckan/tests/models/test_package.py:import ckan.model as model - not runtime
  ./ckan/tests/models/test_user.py:import ckan.model as model - not runtime
  ./ckan/tests/models/test_group.py:import ckan.model as model - not runtime
  ./ckan/tests/models/test_extras.py:import ckan.model as model - not runtime
  ./ckan/tests/models/test_misc.py:import ckan.model as model - not runtime
  ./ckan/tests/models/test_authz.py:import ckan.model as model - not runtime
  ./ckan/tests/forms/test_package.py:import ckan.model as model - not runtime
  ./ckan/tests/forms/test_group.py:import ckan.model as model - not runtime
  ./ckan/tests/forms/test_authz.py:import ckan.model as model - not runtime
  ./ckan/tests/test_converter.py:import ckan.model as model - not runtime
  ./ckan/tests/getdata/test_data4nr.py:import ckan.model as model - not runtime
  ./ckan/tests/__init__.py:import ckan.model as model - not runtime
  ./ckan/tests/test_authz.py:import ckan.model as model - not runtime
  ./ckan/tests/test_purge_revision.py:import ckan.model as model - not runtime
  ./ckan/forms/common.py:import ckan.model as model - just validator
  ./ckan/forms/package.py:import ckan.model as model - validator & package edits
  ./ckan/forms/group.py:import ckan.model as model - validate & package, wui & rest edits
  ./ckan/forms/authz.py:import ckan.model as model - package & group wui/rest
  ./ckan/controllers/rest.py:import ckan.model as model - HOLE ticket:132 - REST listing packages & groups
  ./ckan/controllers/base.py:import ckan.model as model - paginate filters out deleted ones
  ./ckan/migration/versions/005_add_authorization_tables.py:import ckan.model as model - not runtime
  ./ckan/getdata/data4nr.py:import ckan.model as model - not runtime
  ./ckan/lib/search.py:import ckan.model as model - HOLE ticket:133 - search package/group (WUI & REST)
  ./ckan/lib/cli.py: import ckan.model as model - not runtime
  ./ckan/lib/cli.py: import ckan.model as model - not runtime
  ./ckan/lib/cli.py: import ckan.model as model - not runtime
  ./ckan/lib/cli.py: import ckan.model as model - not runtime
  ./ckan/lib/cli.py: import ckan.model as model - not runtime
  ./ckan/lib/cli.py: import ckan.model as model - not runtime
  ./ckan/lib/cli.py: import ckan.model as model - not runtime
  ./ckan/lib/converter.py:import ckan.model - dumper, not runtime
  ./ckan/lib/base.py:import ckan.model as model - just a remove
  ./ckan/authz.py:import ckan.model as model - only gets roles
  ./bin/ckan_spam.py:import ckan.models as model - not runtime
  ./bin/ckan-correct.py:import ckan.models - not runtime
  ./test_migrate.py:import ckan.model as model - not runtime
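The sweep in the comment above is a grep for model imports followed by a hand classification of each file. As an added example (not CKAN's code and not part of this ticket), the script below does the first pass of that audit mechanically: it parses each module with `ast`, keeps the files that import `ckan.model`, marks anything under `tests`, `migration` or `bin` as not runtime (the same rule of thumb the comment applies), and flags runtime modules that touch the model without importing `ckan.authz`. Treating "imports `ckan.authz`" as a proxy for "checks authorization" is an assumption and a heuristic only; flagged files still need the kind of manual review the comment records. The sample tree it audits is constructed for the demo and its contents are invented.

```python
"""Added audit helper (not CKAN's own code): list every Python module that
imports the data model and report whether it also references the
authorization layer, so a reviewer knows which files to inspect by hand."""
import ast
import tempfile
from pathlib import Path

MODEL_MODULE = "ckan.model"   # the module whose access points the ticket audits
AUTHZ_MODULE = "ckan.authz"   # assumption: authorization helpers live in ckan/authz.py
# Directories the ticket treats as "not runtime"; files there are listed but not flagged.
NON_RUNTIME_DIRS = ("tests", "migration", "bin")


def imports_of(tree):
    """Return the fully-qualified names imported by an AST (plain and from-imports)."""
    names = set()
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            names.update(alias.name for alias in node.names)
        elif isinstance(node, ast.ImportFrom) and node.module:
            names.add(node.module)
            names.update(f"{node.module}.{alias.name}" for alias in node.names)
    return names


def uses_module(names, module):
    """True if the import set references `module` or anything inside it."""
    return any(n == module or n.startswith(module + ".") for n in names)


def is_runtime(rel_path):
    """Heuristic from the ticket: tests, migrations and bin scripts are not runtime."""
    return not any(part in NON_RUNTIME_DIRS for part in Path(rel_path).parts)


def audit_tree(root):
    """Map each .py file under root that imports MODEL_MODULE to a review status."""
    root = Path(root)
    results = {}
    for path in sorted(root.rglob("*.py")):
        rel = path.relative_to(root).as_posix()
        try:
            tree = ast.parse(path.read_text(encoding="utf-8"), filename=str(path))
        except SyntaxError:
            results[rel] = "unparseable - review by hand"
            continue
        names = imports_of(tree)
        if not uses_module(names, MODEL_MODULE):
            continue                      # no model access: out of scope
        if not is_runtime(rel):
            results[rel] = "not runtime"
        elif uses_module(names, AUTHZ_MODULE):
            results[rel] = "model + authz"
        else:
            results[rel] = "model WITHOUT authz - review"
    return results


# Constructed miniature tree for the demo; file contents are invented, not CKAN's.
SAMPLE_FILES = {
    "ckan/controllers/rest.py":
        "import ckan.model as model\n\n"
        "def list_packages():\n"
        "    return model.Session.query(model.Package).all()\n",
    "ckan/controllers/package.py":
        "import ckan.model as model\n"
        "import ckan.authz as authz\n\n"
        "def read(name):\n"
        "    pkg = model.Package.by_name(name)\n"
        "    if not authz.is_authorized(pkg):\n"
        "        raise PermissionError(name)\n"
        "    return pkg\n",
    "ckan/tests/test_rest.py": "import ckan.model as model\n",
    "ckan/lib/helpers.py": "import os\n",
}


def run_demo():
    """Write SAMPLE_FILES to a temp dir, audit it and return the status map."""
    with tempfile.TemporaryDirectory() as tmp:
        for rel, src in SAMPLE_FILES.items():
            target = Path(tmp) / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(src, encoding="utf-8")
        return audit_tree(tmp)


if __name__ == "__main__":
    for rel, status in run_demo().items():
        print(f"{rel}: {status}")
```

Two differences from the grep in the comment are worth knowing: the script reports each file once (the grep above lists `./ckan/lib/cli.py` seven times, once per import line), and it matches the module name exactly, so a `ckan.models` import such as the one in `./bin/ckan_spam.py` is not counted as a `ckan.model` access. Point `audit_tree()` at a real checkout to get the list of runtime files still needing a manual authorization check.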
