Work required before letting users' code run on dark-cloud
StachuDotNet opened this issue · 1 comments
StachuDotNet commented
Extracted out of #4911 -- see that issue for additional context.
the major thing remaining here is " figure out tunnel2 settings/replacement", "iptables"...
- we need production testing to prevent users from figuring out IP addresses
- try to get IP addresses -> error
- extra level of protection: iptables?
- or: provide a proxy (like how we used to do things in k8s -- everything would go through proxy, which had firewall rules)
- with cloud run...
- we could provide another cloud run project that just does proxy
- that one doesn't have permissions
urgency/importance: blocker for letting users running their code on dark-cloud
if we don't do this and/or we get it wrong, then an attacker may be able to get access to our entire cloud acct, etc.
I need to study up here and reflect on our current setup
pay attention to 169.254.0.0/16 - provides token that has auth as us
StachuDotNet commented
folded into #5261