> Surprisingly enough, GitHub Actions with read-only permissions still receive a cache write token, allowing cache poisoning, so they are not safe to run untrusted code.
What are solutions to this and their tradeoffs?
1. Disallow cache write access to read-only actions
2. Stack caches such that read only action cache writes don't affect the cache for read-write actions
This is really nice. Clean and easy way to use gvisor isolation to solve a github problem.
gvisor seems like the right level of isolation for a lot of code a dev would run on various machines. So just making it more in reach I think is a boon.
> Surprisingly enough, GitHub Actions with read-only permissions still receive a cache write token, allowing cache poisoning, so they are not safe to run untrusted code.
What are solutions to this and their tradeoffs?
1. Disallow cache write access to read-only actions
2. Stack caches such that read only action cache writes don't affect the cache for read-write actions
edit: What else would solve?
This is really nice. Clean and easy way to use gvisor isolation to solve a github problem.
gvisor seems like the right level of isolation for a lot of code a dev would run on various machines. So just making it more in reach I think is a boon.
How one person can be so good at putting out useful security tech is just wild.
I'll add this to my pile of filo made security I consistently rely on