Audit of Cloud Native Buildpacks
2024-7-16 06:0:0 Author: blog.quarkslab.com(查看原文) 阅读量:0 收藏

Introduction

The Cloud Native Buildpacks (also known as CNB) project was initiated by Pivotal and Heroku in January 2018 and joined the Cloud Native Computing Foundation (a.k.a. CNCF) in October 2018. The project aims to unify the buildpack ecosystems with a platform-to-buildpack contract that is well-defined and that incorporates learnings from maintaining production-grade buildpacks for years at both Pivotal and Heroku. Cloud Native Buildpacks provides a framework and a runtime support for applications to be examined, configured and built appropriately in order to run on any cloud platform. The full report of our security assessment can be found on the OSTIF website. Following the audit, all important findings have been taken into account by the Cloud Native Buildpacks team.

Scope

The scope of the audit was focused on the lifecycle and the pack components. At the time of the assessment, both of them were publicly available on the Cloud Native Buildapcks GitHub repository. Quarkslab's auditors created a formal threat model in order to define an attack surface and identify threat actors with respect to the features and software architecture of the project. This model was used to enumerate the project's critical functionalities and well as to methodically conduct the security assessment and identify vulnerabilities.

Findings

The table below summarizes the findings of the audit. A total of eight vulnerabilities were found, of which two had high severity, two had medium severity and four had low severity.

ID Title Severity Perimeter
HIGH-1 Host compromise by overwriting trusted container images High Build Process
HIGH-2 Cache poisoning by accessing other applications caches High Build Process
MED-1 Docker in-container privilege escalation Medium Build Process
MED-2 Docker permissive inter-container connectivity Medium Build Process
LOW-1 Denial-of-Service (DoS) provoked by a race condition Low Build Process
LOW-2 Denial-of-Service (DoS) provoked by removing build cache tarballs or altering the OCI image manifest Low Build Process
LOW-3 Denial-of-Service (DoS) provoked by an unbound execution time Low Build Process
LOW-4 Data leak by accessing other applications caches Low Build Process
INFO-1 Specification violation using Docker and user namespaces Info Build Process
INFO-2 Excessive Docker container capabilities Info Build Process

Conclusion

Quarkslab found several vulnerabilities during this security assessment. Most of these issues were found to be dangerous in the context of Continuous Integration (CI) and Continuous Delivery (CD) where the CNB tool can be shared between several users and projects. Quarkslab acknowledges the substantial security efforts invested by the CNB developers. Additionally, Quarkslab offered insights and strategies to address vulnerabilities, aiming to enhance the robustness and security of this open-source tool for the future. Overall, working with the Cloud Native Buildpacks team was a true pleasure. They were highly attentive to Quarkslab's remediation proposal and committed to enhancing the project's security.

If you would like to learn more about our security audits and explore how we can help you, get in touch with us!


文章来源: http://blog.quarkslab.com/audit-of-cloud-native-buildpacks.html
如有侵权请联系:admin#unsafe.sh