by woodruffw
1 hour ago
The Gitea one looks marginally interesting, but is probably not exploitable in practice (unless Gitea or whoever else isn’t properly isolating jobs on dedicated VMs). I suspect GitHub Actions has similar behavior and is not considered exploitable because the user is assumed to already have local, non-namespaced root access.

The biggest mitigation is that Gitea documentation discourages you from using action runners from untrusted users. Not flawless security, but it's something...