…dification of sensitive configuration

The `/config` GET and POST endpoints in `src/api/server.py` allow any unauthenticated client to read and modify the application's `config.yaml` file. This file contains highly sensitive information such as `api_keys` (e.g., `GEMINI_API_KEY`) and critical file paths (`input.novel_path`, `output.output_path`, `ocr.tesseract_cmd`, `ocr.poppler_path`).

An attacker can exploit this to:

1. **Retrieve API keys**: Gain unauthorized access to external services.
2. **Alter application behavior**: Modify any configuration setting, potentially disrupting service or enabling other attacks.
3. **Command Injection**: If `ocr.tesseract_cmd` or `ocr.poppler_path` are modified to point to a malicious executable or contain injected commands, and the application later executes these, it could lead to arbitrary code execution on the server.
4. **Path Traversal**: If file paths like `input.novel_path` or `output.output_path` are modified to point outside intended directories (e.g., `/etc/passwd` or `/tmp/malicious.sh`), the application could be tricked into reading or writing to arbitrary locations on the filesystem.

The `tasks/todo_create_web_ui_20260225_1900.md` explicitly mentions "ConfigForm: Linh hoạt cho phép sửa API Keys, Model, Paths" (flexibly allow editing of API Keys, Model, Paths), confirming the intent to expose these, but without mentioning authentication.

Affected files: server.py

Signed-off-by: toanmap <174589430+maptoan@users.noreply.github.com>
Problem

The `/config` GET and POST endpoints in `src/api/server.py` allow any unauthenticated client to read and modify the application's `config.yaml` file. This file contains highly sensitive information such as `api_keys` (e.g., `GEMINI_API_KEY`) and critical file paths (`input.novel_path`, `output.output_path`, `ocr.tesseract_cmd`, `ocr.poppler_path`).

An attacker can exploit this to:

1. **Retrieve API keys**: Gain unauthorized access to external services.
2. **Alter application behavior**: Modify any configuration setting, potentially disrupting service or enabling other attacks.
3. **Command Injection**: If `ocr.tesseract_cmd` or `ocr.poppler_path` are modified to point to a malicious executable or contain injected commands, and the application later executes these, it could lead to arbitrary code execution on the server.
4. **Path Traversal**: If file paths like `input.novel_path` or `output.output_path` are modified to point outside intended directories (e.g., `/etc/passwd` or `/tmp/malicious.sh`), the application could be tricked into reading or writing to arbitrary locations on the filesystem.

The `tasks/todo_create_web_ui_20260225_1900.md` explicitly mentions "ConfigForm: Linh hoạt cho phép sửa API Keys, Model, Paths" (flexibly allow editing of API Keys, Model, Paths), confirming the intent to expose these, but without mentioning authentication.

Severity: critical

File: `src/api/server.py`

Solution

Implement robust authentication and authorization mechanisms (e.g., API keys, OAuth2, session-based authentication) for all sensitive API endpoints, especially `/config`. Only authorized users should be able to access or modify configuration.

Example (conceptual, requires full auth implementation):
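The PR leaves its example blank. As an added illustration, written here and not taken from the PR author or from `src/api/server.py`, the following Python sketch shows what a guard for the `/config` endpoint described above could look like. The handler shape (method, header dict, parsed JSON body), the `CONFIG_ADMIN_TOKEN` variable, the `ALLOWED_DATA_ROOT` directory and all sample values are assumptions for the example. It goes a little beyond the bearer-token check the Solution asks for and also covers the report's other three findings: `api_keys` are masked on GET, the executable-path settings (`ocr.tesseract_cmd`, `ocr.poppler_path`) are refused over HTTP, and the file-path settings must resolve inside one data directory.

```python
"""Added example, not code from the PR or the project: an authentication and
input-validation layer for a /config endpoint of the kind the report describes.

Assumptions (all hypothetical, not taken from src/api/server.py): the handler
receives the HTTP method, a dict of request headers and a JSON body already
parsed into a dict; the configuration is a two-level dict loaded from
config.yaml; the admin token is read from the environment variable
CONFIG_ADMIN_TOKEN.
"""
import copy
import hmac
import os

# Constructed sample configuration using the keys named in the report.
SAMPLE_CONFIG = {
    "api_keys": {"GEMINI_API_KEY": "constructed-secret-value"},
    "input": {"novel_path": "/srv/app/data/input/novel.pdf"},
    "output": {"output_path": "/srv/app/data/output"},
    "ocr": {"tesseract_cmd": "/usr/bin/tesseract", "poppler_path": "/usr/bin"},
}

# Hypothetical directory that API-writable paths must stay inside.
ALLOWED_DATA_ROOT = "/srv/app/data"
# Settings that name executables are operator-only and never writable over HTTP.
WRITE_DENIED = {("ocr", "tesseract_cmd"), ("ocr", "poppler_path")}
# Settings that must resolve to a location under ALLOWED_DATA_ROOT.
PATH_KEYS = {("input", "novel_path"), ("output", "output_path")}
# Sections whose values are masked in GET responses.
SECRET_SECTIONS = {"api_keys"}


def fresh_config():
    """Deep copy of the sample so callers can mutate it freely."""
    return copy.deepcopy(SAMPLE_CONFIG)


def is_authorized(headers, expected_token):
    """Constant-time check of an 'Authorization: Bearer <token>' header.
    An unset token closes the endpoint rather than opening it."""
    if not expected_token:
        return False
    scheme, _, presented = headers.get("Authorization", "").partition(" ")
    if scheme != "Bearer" or not presented:
        return False
    return hmac.compare_digest(presented.encode(), expected_token.encode())


def redact(config):
    """Copy of the config that is safe to return to a browser: secrets masked."""
    out = copy.deepcopy(config)
    for section in SECRET_SECTIONS & set(out):
        out[section] = {k: "***" for k in out[section]}
    return out


def _inside_root(path, root):
    """True if `path` (after '..' and symlink resolution) lies under `root`."""
    real_path = os.path.realpath(path)
    real_root = os.path.realpath(root)
    return os.path.commonpath([real_path, real_root]) == real_root


def validate_update(update):
    """Return a list of reasons to reject `update`; empty means acceptable."""
    errors = []
    for section, values in update.items():
        if not isinstance(values, dict):
            errors.append(f"{section}: section must be a mapping")
            continue
        for name, value in values.items():
            key = (section, name)
            if key in WRITE_DENIED:
                errors.append(f"{section}.{name} is not writable via the API")
            elif key in PATH_KEYS and not _inside_root(str(value), ALLOWED_DATA_ROOT):
                errors.append(f"{section}.{name} must stay inside {ALLOWED_DATA_ROOT}")
    return errors


def handle_config(method, headers, body, config, expected_token):
    """GET/POST /config dispatcher. Returns (http_status, response_payload)."""
    if not is_authorized(headers, expected_token):
        return 401, {"error": "authentication required"}
    if method == "GET":
        return 200, redact(config)
    if method == "POST":
        errors = validate_update(body or {})
        if errors:
            return 400, {"errors": errors}
        for section, values in body.items():
            config.setdefault(section, {}).update(values)
        return 200, {"status": "updated"}
    return 405, {"error": "method not allowed"}


if __name__ == "__main__":
    token = os.environ.get("CONFIG_ADMIN_TOKEN", "")
    cfg = fresh_config()
    print(handle_config("GET", {}, None, cfg, token))
    print(handle_config("GET", {"Authorization": f"Bearer {token}"}, None, cfg, token))
    print(handle_config("POST", {"Authorization": f"Bearer {token}"},
                        {"input": {"novel_path": "/srv/app/data/../../../etc/passwd"}},
                        cfg, token))
```

Two design points worth carrying into a real implementation: the token comparison uses `hmac.compare_digest` so response timing does not leak how many leading characters matched, and a missing `CONFIG_ADMIN_TOKEN` fails closed (every request gets 401) rather than silently reverting to the unauthenticated behaviour the report describes. Path containment is checked on the resolved path, so `..` segments and symlinks cannot be used to step outside the data directory.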
Changes

`src/api/server.py` (modified)

Testing