path: root/.github
author: YaacovHazan <31382944+YaacovHazan@users.noreply.github.com>  2021-12-19 10:46:16 +0200
committer: GitHub <noreply@github.com>  2021-12-19 10:46:16 +0200
commit: ae2f5b7b2e007e4bb7108407d7d41972312d0766 (patch)
tree: bd600b234abf3e84e01a78e9feaf724995613e76 /.github
parent: 5df070ba391c8870894a11e31f0c8fe2be9f8052 (diff)
download: redis-ae2f5b7b2e007e4bb7108407d7d41972312d0766.tar.gz
Protected configs and sensitive commands (#9920)
Block sensitive configs and commands by default.

* `enable-protected-configs` - block modification of configs with the new `PROTECTED_CONFIG` flag. Currently we add this flag to `dbfilename`, and `dir` configs, all of which are non-mutable configs that can set a file redis will write to.
* `enable-debug-command` - block the `DEBUG` command
* `enable-module-command` - block the `MODULE` command

These have a default value set to `no`, so that these features are not exposed by default to client connections, and can only be set by modifying the config file. Users can change each of these to either `yes` (allow all access), or `local` (allow access from local TCP connections and unix domain connections).

Note that this is a **breaking change** (specifically the part about the MODULE command being disabled by default). I.e. we don't consider the DEBUG command being blocked as an issue (people shouldn't have been using it), and the few configs we protected are unlikely to have been set at runtime anyway. On the other hand, it's likely that some users who use modules load them from the config file anyway.

Note that that's the whole point of this PR: for redis to be more secure by default and reduce the attack surface on innocent users, so secure defaults will necessarily mean a breaking change.
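The commit message above describes three options whose default `no` makes the server refuse `CONFIG SET` on protected configs, `DEBUG`, and `MODULE` for client connections. The script below is an added example written for this page; it is not code from the Redis project or from the commit. It is a standard-library-only probe that connects to a server, sends one side-effect-free command per protection (`CONFIG SET dir` back to its current value, `DEBUG SLEEP 0`, `MODULE LIST`) and reports which ones the server still accepts from that connection. The host, port and timeout defaults are assumptions, the RESP encoder and parser are written here rather than taken from any client library, and a "blocked" verdict is based only on the server answering with an error reply, since the page does not give the exact error text.

```python
"""Probe a Redis server for the three protections described above.

Added example for this page, not Redis project code. Uses only the standard
library and speaks RESP2 directly. Each probe command is chosen to be
side-effect free when the server allows it. Host/port/timeout defaults are
assumptions for illustration.
"""
import socket
from typing import Any, Dict, List, Optional, Tuple


class RedisError(Exception):
    """A '-ERR ...' reply. Returned (not raised) by parse_reply so that a
    blocked command is a probe result, not a probe failure."""


class Incomplete(Exception):
    """The buffer does not yet contain a whole reply."""


def encode_command(*args: str) -> bytes:
    """Encode a command as a RESP array of bulk strings."""
    parts = [b"*%d\r\n" % len(args)]
    for arg in args:
        raw = arg.encode()
        parts.append(b"$%d\r\n%s\r\n" % (len(raw), raw))
    return b"".join(parts)


def parse_reply(buf: bytes, pos: int = 0) -> Tuple[Any, int]:
    """Parse one RESP2 value at buf[pos]; return (value, position after it).
    Handles simple strings, errors, integers, bulk strings and nested arrays."""
    end = buf.find(b"\r\n", pos)
    if end < 0:
        raise Incomplete
    kind, line, nxt = buf[pos:pos + 1], buf[pos + 1:end], end + 2
    if kind == b"+":
        return line.decode(), nxt
    if kind == b"-":
        return RedisError(line.decode()), nxt
    if kind == b":":
        return int(line), nxt
    if kind == b"$":
        n = int(line)
        if n < 0:                       # null bulk string
            return None, nxt
        if len(buf) < nxt + n + 2:
            raise Incomplete
        return buf[nxt:nxt + n].decode(), nxt + n + 2
    if kind == b"*":
        n = int(line)
        if n < 0:                       # null array
            return None, nxt
        items = []
        for _ in range(n):
            item, nxt = parse_reply(buf, nxt)
            items.append(item)
        return items, nxt
    raise ValueError("unsupported RESP type byte %r" % kind)


def call(sock: socket.socket, *args: str) -> Any:
    """Send one command and read one complete reply."""
    sock.sendall(encode_command(*args))
    buf = b""
    while True:
        try:
            value, _ = parse_reply(buf)
            return value
        except Incomplete:
            chunk = sock.recv(4096)
            if not chunk:
                raise ConnectionError("server closed the connection")
            buf += chunk


def probe(host: str = "127.0.0.1", port: int = 6379,
          timeout: float = 3.0) -> Dict[str, Optional[bool]]:
    """Per protection: True if the server BLOCKED the probe on this connection,
    False if it accepted it, None if the check could not be performed."""
    results: Dict[str, Optional[bool]] = {}
    with socket.create_connection((host, port), timeout=timeout) as sock:
        current = call(sock, "CONFIG", "GET", "dir")     # ['dir', '/some/path']
        if isinstance(current, list) and len(current) == 2:
            # Re-setting dir to its current value changes nothing if allowed.
            results["protected-configs"] = isinstance(
                call(sock, "CONFIG", "SET", "dir", current[1]), RedisError)
        else:
            results["protected-configs"] = None
        results["debug"] = isinstance(call(sock, "DEBUG", "SLEEP", "0"), RedisError)
        results["module"] = isinstance(call(sock, "MODULE", "LIST"), RedisError)
    return results


def weak_settings(results: Dict[str, Optional[bool]]) -> List[str]:
    """Name the protections that are not in effect for the probing connection."""
    labels = {
        "protected-configs": "enable-protected-configs: CONFIG SET dir accepted",
        "debug": "enable-debug-command: DEBUG accepted",
        "module": "enable-module-command: MODULE accepted",
    }
    return [labels[key] for key, blocked in results.items() if blocked is False]


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    findings = weak_settings(probe(target))
    for line in findings or ["all three protections are in effect"]:
        print(line)
```

Because `local` admits loopback TCP and unix-socket clients, running the probe on the Redis host itself reports a `local` setting as open; to judge what a network client can actually do, run it from a remote host, and remember that an ACL denying `CONFIG`, `DEBUG` or `MODULE` produces the same error-reply verdict as these options do.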
Diffstat (limited to '.github')
-rw-r--r--  .github/workflows/external.yml  5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/external.yml b/.github/workflows/external.yml
index 2dbd4704b..35b480106 100644
--- a/.github/workflows/external.yml
+++ b/.github/workflows/external.yml
@@ -15,7 +15,7 @@ jobs:
- name: Build
run: make REDIS_CFLAGS=-Werror
- name: Start redis-server
- run: ./src/redis-server --daemonize yes --logfile external-redis.log
+ run: ./src/redis-server --daemonize yes --logfile external-redis.log --enable-protected-configs yes --enable-debug-command yes --enable-module-command yes
- name: Run external test
run: |
./runtest \
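Review bot: the new `--enable-protected-configs yes --enable-debug-command yes --enable-module-command yes` flags on the `Start redis-server` line switch all three protections fully off for the test job, which the suite needs (it drives `DEBUG` and `MODULE`), but it means CI never exercises the `local` mode the commit message introduces; since `runtest` connects to a server started on the same runner, `--enable-debug-command local` would still pass here and would prove the loopback path works. The run line is also now long enough to warrant `run: >-` folded style or a job-level `env:` variable holding the flags.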
@@ -36,7 +36,7 @@ jobs:
- name: Build
run: make REDIS_CFLAGS=-Werror
- name: Start redis-server
- run: ./src/redis-server --cluster-enabled yes --daemonize yes --logfile external-redis.log
+ run: ./src/redis-server --cluster-enabled yes --daemonize yes --logfile external-redis.log --enable-protected-configs yes --enable-debug-command yes --enable-module-command yes
- name: Create a single node cluster
run: ./src/redis-cli cluster addslots $(for slot in {0..16383}; do echo $slot; done); sleep 5
- name: Run external test
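Review bot: the three flags appended to the cluster job's `Start redis-server` line are a verbatim copy of the non-cluster job's, so the next protected option has to be added in two places; suggest a single workflow-level `env:` value (say `REDIS_TEST_FLAGS`) referenced from both `run:` lines. Note that the `redis-cli cluster addslots` step that follows does not need any of the re-enabled commands, so a divergence between the two jobs would only surface later in `Run external test`.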
@@ -51,4 +51,3 @@ jobs:
with:
name: test-external-cluster-log
path: external-redis.log
-
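Review bot: the only change in this last hunk is dropping a trailing blank line after `path: external-redis.log`, an unrelated whitespace cleanup riding along on a security-defaults commit; it is harmless (no `\ No newline at end of file` marker, so the file still ends with a newline), but it would be cleaner in its own commit so that `git blame` on the workflow points at the real change.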