Closed Bug 1320823 Opened 9 years ago Closed 9 years ago

Lock external docker images with content hash

Categories

(Taskcluster Graveyard :: Docker Images, defect)

Product:
Taskcluster Graveyard
Component:
Docker Images
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: jonasfj, Unassigned)

References

Details

Attachments

(1 obsolete file)

Whenever, we reference external images we should include image hash, even if we don't really validate the images, locking the content hash ensures they aren't used as an attack vector. We reference external images in two cases: A) Images that are manually built like image_builder B) Source images that we reference in in FROM clause in the Dockerfile A) Can be solved by adding an additional file: HASH, next to the existing REGISTRY and VERSION files. A better options might be to replace the 3 files with a single file called IMAGE_REFERENCE or something like that. B) Can be solved by including the image hash in the FROM clause. Note: (A) would also make verification using COT artifacts easier. As there is no need to compare the image hash with a list of approved hashes, if the task definition signed by the decision task in task-graph.json contains the same image:tag:hash for the given task. (Validating against a set of approved hashes is still solid hardening).
Anyone with the right scopes can create any arbitrary decision task, so having a hash in the task definition doesn't guarantee anything.
In the version-control-tools repo, we introduced custom Dockerfile syntax for managing the base images. e.g. https://hg.mozilla.org/hgcustom/version-control-tools/file/818e6844bb8a/testing/docker/builder-ansible-centos7/Dockerfile#l5. When building images from Dockerfiles, we preprocess the Dockerfile looking for that syntax. If it is found, we download the referenced URL, verify the hash, import the image, then rewrite the Dockerfile as part of the context tar uploaded to Docker to reference the just-imported image. That code lives at https://hg.mozilla.org/hgcustom/version-control-tools/file/115809a6a8e1/testing/vcttesting/docker.py#l431 and https://hg.mozilla.org/hgcustom/version-control-tools/file/115809a6a8e1/testing/vcttesting/docker.py#l325. Aside from pinning hashes of downloaded images, we can also host images on any URL we want. Yay for not having to run a registry and introducing another point of failure! The comments in the linked code about Docker's insecurity were written a while ago. I believe the comment about Docker not verifying the hash before processing the image is still accurate.
Correct me if any of these assumptions are incorrect: * we need the docker image for the decision task before we can run mach * if the docker-worker had the ability to read a custom syntax and verify contents before running, we could pin a docker sha in the decision task definition * however, anyone with the right scopes can submit any arbitrary decision task definition, meaning the pinning is not secure That last point is what I'm mainly concerned about. I would love to find a way around that that doesn't involve an allowlist, but I haven't figured it out yet.
@aki, when you get back, take a look at: https://reviewboard.mozilla.org/r/98952/diff/1#index_header The idea is that now we don't need a whitelist, we can just verify the task definition from the COT artifact against the contents .taskcluster.yml file. For this to be feasible we probably have to undertake a few more simplifications, otherwise, we have to do a lot of magic parameter substitution for .taskcluster.yml
Attachment #8819115 - Attachment is obsolete: true
Attachment #8819115 - Flags: review?(dustin)
Depends on: 1324413
Depends on: 1324414
Filed as two blocking bugs, so I won't get conflicts in mozreview.
Seems this is all fixed...
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
See Also: → 1328577
Product: Taskcluster → Taskcluster Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: