privacy leak because web.static does not exist #1720
Labels
No Label
0.2.0
0.3.0
0.4.0
0.5.0
0.5.1
0.6.0
0.6.1
0.7.0
0.8.0
0.9.0
1.0.0
1.1.0
1.10.0
1.10.1
1.10.2
1.10a2
1.11.0
1.12.0
1.12.1
1.13.0
1.14.0
1.15.0
1.15.1
1.2.0
1.3.0
1.4.1
1.5.0
1.6.0
1.6.1
1.7.0
1.7.1
1.7β
1.8.0
1.8.1
1.8.2
1.8.3
1.8β
1.9.0
1.9.0-s3branch
1.9.0a1
1.9.0a2
1.9.0b1
1.9.1
1.9.2
1.9.2a1
LeastAuthority.com automation
blocker
cannot reproduce
cloud-branch
code
code-dirnodes
code-encoding
code-frontend
code-frontend-cli
code-frontend-ftp-sftp
code-frontend-magic-folder
code-frontend-web
code-mutable
code-network
code-nodeadmin
code-peerselection
code-storage
contrib
critical
defect
dev-infrastructure
documentation
duplicate
enhancement
fixed
invalid
major
minor
n/a
normal
operational
packaging
somebody else's problem
supercritical
task
trivial
unknown
was already fixed
website
wontfix
worksforme
No Milestone
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Reference: tahoe-lafs/trac-2024-07-25#1720
Loading…
Reference in New Issue
Block a user
No description provided.
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
when a client/node is created, in tahoe.cfg "web.static = public_html" is enabled by default, but public_html is not created. Thus, surfing to http://localhost:3456/static/ leaks
a) the absolute path of where web.static is expected to be
b) the python version used
c) maybe which OS is used
solution: don't enable web.static by default, or create public_html directory during client/node creation
This issue is relevant when an operator wishes to provide web gateway access to untrusted users will limiting their own risk. This is not a use case that the web gateway was designed for, but several users have requested this use case.
Note: I created a lafs-rpg issue that is related to this: https://bitbucket.org/nejucomo/lafs-rpg/issue/6/replace-stack-trace-responses-with-generic
This is a special case of #1008 (although the expected path of public_html would be leaked even if the exception report only showed the message and not the detailed traceback).
privacy leakto privacy leak because web.static does not existIn 5a5ba64/trunk: