The deputy shot the sheriff: Privilege escalation in build pipelines
Build pipelines are commonly used in the industry to build and roll out changes to cloud accounts. Typically, wide permissions are granted to those systems, making them an attractive attack vector. Take a look with Andreas Sieferlinger at typical vulnerabilities, examine the case of the confused deputy (a trusted third party that can be tricked into misusing its privileges), and see how these vulnerabilities can be mitigated in real life.
| Field | Value |
| --- | --- |
| Talk Title | The deputy shot the sheriff: Privilege escalation in build pipelines |
| Speakers | Andreas Sieferlinger (Scout24) |
| Conference | O’Reilly Velocity Conference |
| Conf Tag | Build systems that drive business |
| Location | Berlin, Germany |
| Date | November 5-7, 2019 |
| URL | Talk Page |
| Slides | Talk Slides |
| Video | |
CI/CD systems are usually tightly coupled, and the CD part in particular inherits broad administrative privileges combined with network access to production systems. We tend to assume that only trusted software runs inside those systems, but it quickly becomes clear that code from a huge variety of sources (build plugins, third-party actions, package dependencies, container images) is loaded and executed there without being under your control. Andreas Sieferlinger walks you through how to identify the most relevant issues along the steps of real pipelines. You’ll take a deep dive into the confused deputy, a trusted third party that can be tricked into abusing its privileges, and see how binding access permissions directly to the code that needs them on a public cloud provider can remove the need to trust the pipeline components in between.
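To make the confused-deputy point concrete, here is an added example (not code from the talk or from Scout24): a toy model of a cloud control plane that authorizes calls purely on the credential presented, run against a pipeline in two designs. In the first, every stage runs with the pipeline's single broad credential, so a third-party "linter" stage can deploy to production. In the second, each stage gets its own least-privilege credential bound to that stage, and the runner holds nothing for untrusted code to inherit. All names, actions, and stages are invented for illustration.

```python
"""Toy model of a confused deputy in a build pipeline (added example,
not from the original talk). The 'cloud' below only sees the credential
presented with each call, never who is really calling, which is exactly
what lets a deputy holding a powerful credential be tricked."""
from dataclasses import dataclass
from typing import Callable, Dict, List, Set, Tuple


class PermissionDenied(Exception):
    pass


@dataclass(frozen=True)
class Credential:
    """A bearer credential: the principal it identifies and its allowed actions."""
    principal: str
    actions: frozenset


class Cloud:
    """Stand-in for a cloud provider's control plane with an audit log."""

    def __init__(self) -> None:
        self.audit: List[Tuple[str, str]] = []  # (principal, action) per allowed call

    def call(self, cred: Credential, action: str) -> str:
        if action not in cred.actions:
            raise PermissionDenied(f"{cred.principal} may not {action}")
        self.audit.append((cred.principal, action))
        return f"ok:{action}"


# A stage is any callable handed the cloud and a credential. Real pipelines
# hand this to build scripts, plugins and actions fetched from third parties.
Stage = Callable[[Cloud, Credential], None]


def run_pipeline_ambient(cloud: Cloud, stages: List[Tuple[str, Stage]],
                         pipeline_cred: Credential) -> Dict[str, str]:
    """Naive design: one broad credential for the whole pipeline. Every stage,
    trusted or not, executes with the deputy's full privileges."""
    results: Dict[str, str] = {}
    for name, stage in stages:
        try:
            stage(cloud, pipeline_cred)
            results[name] = "ran"
        except PermissionDenied as exc:
            results[name] = f"denied: {exc}"
    return results


def run_pipeline_scoped(cloud: Cloud, stages: List[Tuple[str, Stage]],
                        grants: Dict[str, Set[str]]) -> Dict[str, str]:
    """Mitigated design: each stage is bound to its own least-privilege
    credential; the runner itself holds no credential to inherit."""
    results: Dict[str, str] = {}
    for name, stage in stages:
        cred = Credential(principal=f"stage/{name}",
                          actions=frozenset(grants.get(name, set())))
        try:
            stage(cloud, cred)
            results[name] = "ran"
        except PermissionDenied as exc:
            results[name] = f"denied: {exc}"
    return results


# --- constructed stages (hypothetical) -------------------------------------
def unit_tests(cloud: Cloud, cred: Credential) -> None:
    cloud.call(cred, "artifact:read")


def deploy(cloud: Cloud, cred: Credential) -> None:
    cloud.call(cred, "artifact:read")
    cloud.call(cred, "deploy:prod")


def malicious_linter(cloud: Cloud, cred: Credential) -> None:
    """Third-party 'linter' that abuses whatever credential it is handed."""
    cloud.call(cred, "deploy:prod")  # the confused-deputy attempt


STAGES: List[Tuple[str, Stage]] = [("lint", malicious_linter),
                                   ("test", unit_tests),
                                   ("deploy", deploy)]
PIPELINE_CRED = Credential("ci/pipeline", frozenset({"artifact:read", "deploy:prod"}))
GRANTS: Dict[str, Set[str]] = {"lint": set(),
                               "test": {"artifact:read"},
                               "deploy": {"artifact:read", "deploy:prod"}}


def demo():
    """Run both designs; return (ambient results, ambient audit, scoped results, scoped audit)."""
    ambient = Cloud()
    ambient_results = run_pipeline_ambient(ambient, STAGES, PIPELINE_CRED)
    scoped = Cloud()
    scoped_results = run_pipeline_scoped(scoped, STAGES, GRANTS)
    return ambient_results, ambient.audit, scoped_results, scoped.audit


if __name__ == "__main__":
    for label, value in zip(("ambient", "ambient audit", "scoped", "scoped audit"), demo()):
        print(f"{label}: {value}")
```

Note what the audit log shows in the ambient design: the rogue production deploy is attributed to `ci/pipeline`, indistinguishable from the legitimate one, which is why the deputy problem is also a detection problem. In the scoped design the linter's attempt is refused and never reaches the log, and the legitimate deploy is attributed to `stage/deploy`.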