Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What are the security risks of using Gitlab CI shared test runners?

I am trying to host a new project with Gitlab. It is a private Python project. I was able to test some initial tests with Gitlab CI.

I don't use cache while running tests,

While exploring the runner section in settings, there is a warning shown,

GitLab Runners do not offer secure isolation between projects that they do builds for. You are TRUSTING all GitLab users who can push code to project A, B or C to run shell scripts on the machine hosting runner X.

what are the security risks in using a shared test runner? Is it safe to run private projects on a shared runner? What precautions can be taken while running tests on a shared runner?

Thank you for any insight.

like image 842
Rivadiz Avatar asked Feb 20 '16 18:02

Rivadiz


People also ask

What are GitLab shared runners?

Shared runners. Shared runners are available to every project in a GitLab instance. Use shared runners when you have multiple jobs with similar requirements. Rather than having multiple runners idling for many projects, you can have a few runners that handle multiple projects.

Which of the GitLab security capabilities helps detect as yet unknown security vulnerabilities?

API Security focuses on testing and protecting APIs. Testing for known vulnerabilities with DAST API and unknown vulnerabilities with API Fuzzing, API Security runs against a live API or a Review App to discover vulnerabilities that can only be uncovered after the API has been deployed.

What can a GitLab runner do?

GitLab runner is a build instance which is used to run the jobs over multiple machines and send the results to GitLab and which can be placed on separate users, servers, and local machine. You can register the runner as shared or specific after installing it.

Can a GitLab runner run multiple jobs?

One way to allow more jobs to run simultaneously is to simply register more runners. Each installation of GitLab Runner can register multiple distinct runner instances. They operate independently of each other and don't all need to refer to the same coordinating server.


1 Answers

GitLab CI runner offers the following executor types:

  • shell
  • docker
  • ssh
  • docker-ssh
  • parallels
  • virtualbox

The security concerns you should have are mainly from using ssh and shell runners.

  • shell is unsafe unless you're in a controlled environment.
    This is because it's, literally, a simple shell. The user running your build will have access to everything else going on for that user, and that includes other projects.
  • ssh is susceptible to man-in-the-middle attacks.
    If you're dealing with private crypto keys in your builds, beware that they may be stolen.

Fortunately, http://gitlab.com seems to be sharing only docker runners.
docker runners are generally safe* because every build runs in a new container, so there's nothing to worry.

You can read further about GitLab CI Runner security here.

* unless you're doing the nasty privileged mode!

like image 135
4 revs, 3 users 96% Avatar answered Sep 21 '22 11:09

4 revs, 3 users 96%