fix(postgres): make security denylist case-insensitive
PostgreSQL parameter names are case-insensitive, but the denylist check was case-sensitive, allowing bypass via mixed-case names (e.g., ARCHIVE_COMMAND instead of archive_command). Normalize parameter names to lowercase before checking against the denylist to prevent security bypass. Thanks to CodeRabbit for catching this security issue. Signed-off-by: IvanHunters <xorokhotnikov@gmail.com>
This commit is contained in:
parent
96c7c16c21
commit
fac0622499
2 changed files with 2 additions and 1 deletions
|
|
@ -65,7 +65,8 @@ spec:
|
|||
{{- /* Security: Block parameters that could allow shell command execution */ -}}
|
||||
{{- $dangerousParams := list "archive_command" "restore_command" "ssl_passphrase_command" "log_destination" "event_source" }}
|
||||
{{- range $key, $value := $params }}
|
||||
{{- if has $key $dangerousParams }}
|
||||
{{- $normalizedKey := lower $key }}
|
||||
{{- if has $normalizedKey $dangerousParams }}
|
||||
{{- fail (printf "SECURITY: Parameter '%s' is blocked for security reasons. This parameter could allow arbitrary shell command execution and is managed by CloudNativePG operator." $key) }}
|
||||
{{- end }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue