ocket8888 opened a new issue #2974: Possible security issues with tenancy URL: https://github.com/apache/trafficcontrol/issues/2974 Currently, we restrict a user who's tenant is not assigned to a Delivery Service (DS) from performing read operations on the configuration of said DS. However, there are no tenancy restrictions on read operations on servers, or their configuration files. Specifically the remap.config, parent.config and plugin.config are all configured on the server (parent.config, remap.config) or profile (plugin.config) level, and provide an unauthorized user with read access into certain properties of a Delivery Service, e.g. the FQDN it serves. It's true that any particular file can't immediately be associated with a particular Delivery Service, but with unrestricted access to all server config files, one could reasonably build up some limited understanding of supposed hidden architecture, albeit without niceties like the xml_id, database row and display name.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
