Filesystem vulnerability identified, please update to RethinkDB 1.3.2
We identified a filesystem vulnerability this morning that allows read access to arbitrary files on the filesystem through the web administation tool.
A fix has been pushed for all platforms in RethinkDB 1.3.2, so please update immediately: see the install page for instructions.
What caused this vulnerability?
The built-in web server has a whitelist to allow serving only a very specific set of files required to run the web administration tool (see the whitelist on Github).
However, we inadvertently disabled the whitelist during development. One of our engineers noticed this during a procedural code review (a policy recently introduced after the release of RethinkDB 1.2) and we implemented a fix immediately.
What we’re doing to prevent this in the future
As of RethinkDB 1.2, no code goes into the master branch without code reviews and sign-offs from engineers.
This has two effects:
- We’re significantly less likely to introduce similar vulnerabilities under peer review.
- We discover existing issues more readily (as was the case here).
Until RethinkDB is production-ready, we will continue to advise users to ensure that RethinkDB runs behind a firewall and on a secured network.
As RethinkDB nears production-ready state, we’re focused on eliminating these issues. If you encounter potential vulnerabilities, please email us immediately at firstname.lastname@example.org, or notify us that you’ve discovered a potential issue via any of our public channels and we’ll follow up with you immediately.