Project

General

Profile

"File system" type repositories violating security?

Added by Anonymous over 8 years ago

Redmine offers a "file system" type of repository (to be enabled globally as admin). At a first glance this is convenient, as it allows you to access - say - SMB/CIFS-fileshares mounted to your redmine server. On the other hand using "file system" repositories you have (view) rights to the server running redmine based on the rights of the redmine system-user. So you could e.g. access the redmine-directory itself, have a repository point to the "files"-directory and then - from your project - every attachement of the full redmine system is accessible, thus violating project security.

If there is no flaw on my installation and the observation above is true, I would suggest kind of a warning when enabling "file system" type repositories. Another possibility would be, not to rely on the user "redmine" accessing the server but force the necessitiy to enter the server-credentials to be used to access the server. E.g. you could have a server-side user per repository like "myfiles" and use this (mandatory) for accessing "file system" type repositories.

If I'm completely wrong please let me know :-)

Immanuel