[Minor Security Risk] Depending on external dockerhub images
TL;DR
It looks like rocket pool has a variety of docker images that are pulled in without full digest/sha256 checks.
Scenario 1
- A rocket pool team member is compromised and docker hub is used to push a new image overriding the existing images.
- Some users will begin using new images that could steal their node keys.
Scenario 2
Currently rocket pool uses optional external images like here: https://github.com/rocket-pool/smartnode/blob/b8b63459678317fd635d08e93384c9c101a505ca/shared/services/config/prometheus-config.go#L8
- A prometheus developer is compromised and replaces the `v2.43.0` tag with a malicious image
- Rocket pool nodes may now be at risk of this malicious code (like stealing keys).
Additional Comments
The way the docker-compose file is set up, it should not be at risk because it does not expose sensitive data to the prometheus container; however, it is a bad idea to assume malicious code cannot exit containers. For example, a few years ago there was the libc vulnerability, and clever ways of breakouts happen all the time.
For example, some of the containers rocket pool deploys mount the docker.sock, which is well known to be a vulnerability (see: https://redfoxsec.com/blog/introduction-to-docker-container-breakouts/).
I don't expect rocket pool to be 100% secure from every case, but blindly trusting external images seems risky.
Proposal
The simplest way to solve this is to also tag the digest. This can be problematic, since docker does not support multiple digests for multiple architectures and rocket pool supports multiple architectures. We could have a map in the code of the digests associated with each platform, sniff out the platform we are currently running on and then replace the magic EXPORTER_CONTAINER_TAG environ with one that has the digest matching the platform's digest.
Another idea is upon service start/restart via cli, we first query images that are downloaded and verify that the digest is one of the confirmed whitelisted images. In the event that it is not, we prompt the user and give a way to override for some advanced users before starting the image(s).
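A sketch of the two proposals above (a per-platform digest map and an allowlist check on downloaded images), added here as an example and not taken from the smartnode code base. The names `pinnedDigests`, `pinImage` and `isAllowedDigest` are hypothetical, and the digest values are constructed placeholders, not real Prometheus digests.

```go
package main

import (
	"fmt"
	"runtime"
	"strings"
)

// pinnedDigests maps image tag -> platform -> digest (constructed placeholder values).
var pinnedDigests = map[string]map[string]string{
	"prom/prometheus:v2.43.0": {
		"linux/amd64": "sha256:" + strings.Repeat("a", 64),
		"linux/arm64": "sha256:" + strings.Repeat("b", 64),
	},
}

// pinImage returns "repo:tag@sha256:..." for the platform, or an error so the
// caller fails closed instead of falling back to a tag-only pull.
func pinImage(image, platform string) (string, error) {
	byPlatform, ok := pinnedDigests[image]
	if !ok {
		return "", fmt.Errorf("no pinned digests for image %q", image)
	}
	digest, ok := byPlatform[platform]
	if !ok {
		return "", fmt.Errorf("no pinned digest for %q on %s", image, platform)
	}
	return image + "@" + digest, nil
}

// isAllowedDigest reports whether the digest observed on an already
// downloaded image matches one of the pinned digests for that tag.
func isAllowedDigest(image, observed string) bool {
	for _, d := range pinnedDigests[image] {
		if d == observed {
			return true
		}
	}
	return false
}

func main() {
	platform := runtime.GOOS + "/" + runtime.GOARCH
	ref, err := pinImage("prom/prometheus:v2.43.0", platform)
	if err != nil {
		fmt.Println("refusing to start:", err)
		return
	}
	fmt.Println("pinned reference:", ref)
}
```

The returned reference is what would replace the tag-only value in the container tag environment variable; the observed digest for `isAllowedDigest` would come from inspecting the local image before start.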