Skip to content

πŸ›‘οΈ Sentinel: [CRITICAL] Fix path traversal in file retrieval API#69

Open
thirdeyenation wants to merge 1 commit intomainfrom
sentinel-path-traversal-api-files-get-10233127162581519055
Open

πŸ›‘οΈ Sentinel: [CRITICAL] Fix path traversal in file retrieval API#69
thirdeyenation wants to merge 1 commit intomainfrom
sentinel-path-traversal-api-files-get-10233127162581519055

Conversation

@thirdeyenation
Copy link
Copy Markdown
Owner

@thirdeyenation thirdeyenation commented Apr 26, 2026

🚨 Severity: CRITICAL

πŸ’‘ Vulnerability:
The api/api_files_get.py endpoint processed client-provided paths to retrieve files. If a path didn't explicitly match internal prefixes (/a0/), it was considered an external path. The application fetched it directly without verifying that the resolved absolute path resided within the intended application root directory. This allowed attackers to use path traversal techniques (../../../../etc/passwd) or absolute paths (/etc/passwd) to read arbitrary files off the server host file system.

🎯 Impact:
An unauthenticated or minimally authenticated attacker could arbitrarily read any file on the system that the application has read permissions for, leading to the exposure of highly sensitive files like configurations, system files, environment variables, or private SSH keys.

πŸ”§ Fix:
Added a robust containment check validating that os.path.abspath(external_path) string-starts with os.path.abspath(files.get_base_dir()) + os.sep. If an attempt fails this check, it raises a warning and skips the file without crashing, securely bounding all subsequent accesses to within the intended bounds.

βœ… Verification:
An internal test script successfully proved that the original implementation would allow traversal strings or root absolute paths to bypass restrictions, while the patched version safely triggers a "Path traversal attempt blocked" warning and rejects the illegal access.

PR created automatically by Jules for task 10233127162581519055 started by @thirdeyenation

@google-labs-jules @thirdeyenation
πŸ›‘οΈ Sentinel: [CRITICAL] Fix Path Traversal in file retrieval API
8434c6a 
Resolved an arbitrary file read vulnerability where `/api_files_get` improperly constructed absolute paths from client-provided paths without boundary checks. Ensured the final absolute path stays inside the application base directory `base_dir + os.sep`. Added `sentinel.md` journal entry.

Co-authored-by: thirdeyenation <133812267+thirdeyenation@users.noreply.github.com>
@google-labs-jules
Copy link
Copy Markdown

google-labs-jules Bot commented Apr 26, 2026

πŸ‘‹ Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a πŸ‘€ emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

For security, I will only act on instructions from the user who triggered this task.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@thirdeyenation