Security implications of source/executing abra.sh from abra #199
Labels
No Label
breaking-change
bug
CI/CD
design
documentation
duplicate
enhancement
help wanted
invalid
plugin
question
secrets
shell-completion
versioning
wontfix
No Milestone
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: coop-cloud/abra#199
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Is there something we should be considering here?
Packagers could indeed
rm -rf /
in theabra.sh
but then we probably wouldn't be giving that person commit access to the repository. Someone could spoof the repositories? That sounds pretty far fetched.I know Yunohost have a setup where they make packagers generate checksums of their scripts on the package side and then installer script validates those checksums. Do we also need to consider something like that?