GitHub self-hosted runner attacks
We recommend that you only use self-hosted runners with private repositories. This is because forks of your public repository can potentially run dangerous code on your self-hosted runner machine by creating a pull request that executes the code in a workflow. - GitHub documentation
Anyone who can make a fork or open a PR can achieve arbitrary code execution on the self-hosted runner (by default).
Prevention
Do not use self-hosted runners on public repos.
Mitigations
To reduce risk, opt-in configurations can be set to:
- Prevent outside collaborators from forking.
- Actions can be set to require approval before running workflows from outside collaborators.
- Protected branches can gate contributions by requiring multiple approvals.
- Note, branch protection rules must be applied to all branches (`*`) and use the "Do not allow bypassing the above settings" option.
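A small check, added here as an example and not part of the original note, that flags workflow files combining a PR-reachable trigger (`pull_request`, `pull_request_target`) with a `self-hosted` runner label. It uses a line-based heuristic rather than a YAML parser, and the two sample workflows are constructed for illustration.

```python
import re
from typing import List, Set

# Events a fork/PR author can trigger. pull_request_target is included because
# it runs with the base repository's secrets, which makes the runner a richer target.
PR_TRIGGERS = {"pull_request", "pull_request_target"}

def workflow_triggers(text: str) -> Set[str]:
    """Collect event names under the top-level `on:` key of a workflow file.
    Handles `on: push`, `on: [push, pull_request]` and the indented block/list forms."""
    lines = text.splitlines()
    for i, line in enumerate(lines):
        m = re.match(r"^on:\s*(.*)$", line)
        if not m:
            continue
        inline = m.group(1).strip()
        if inline:  # scalar or flow-sequence on the same line
            return {t.strip() for t in inline.strip("[]").split(",") if t.strip()}
        events, child_indent = set(), None
        for nxt in lines[i + 1:]:
            if not nxt.strip() or nxt.lstrip().startswith("#"):
                continue
            indent = len(nxt) - len(nxt.lstrip())
            if indent == 0:
                break  # next top-level key, end of the `on:` block
            child_indent = indent if child_indent is None else child_indent
            if indent == child_indent:
                events.add(nxt.strip().lstrip("- ").rstrip(":").strip())
        return events
    return set()

def self_hosted_jobs(text: str) -> List[str]:
    """Return every `runs-on:` value carrying the `self-hosted` label. Assumption:
    custom-label-only runner groups and `${{ matrix.os }}` expressions are not resolved."""
    return [m.group(1).strip() for m in re.finditer(r"runs-on:\s*(.+)", text)
            if "self-hosted" in m.group(1)]

def audit_workflow(text: str) -> List[str]:
    """Flag a workflow where a PR-reachable trigger meets a self-hosted runner."""
    risky = workflow_triggers(text) & PR_TRIGGERS
    hosted = self_hosted_jobs(text)
    if risky and hosted:
        return [f"self-hosted runner {hosted} reachable via {sorted(risky)}"]
    return []

# Constructed sample workflows (not taken from any real repository).
RISKY = "name: ci\non:\n  pull_request:\n    branches: [main]\njobs:\n  build:\n    runs-on: [self-hosted, linux]\n    steps:\n      - uses: actions/checkout@v4\n"
SAFE = "name: ci\non: [push, pull_request]\njobs:\n  build:\n    runs-on: ubuntu-latest\n"
```

Run `audit_workflow` over every file under `.github/workflows/` of a public repository; any finding is a workflow that a fork author can reach on your own machine.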
Past attacks
Many data breach examples from Microsoft.
Resources
- Under the Radar: How We Found 0-Days in the Build Pipeline of OSS Packages by François Proulx & Benoît Côte-Jodoin from BoostSecurity
- Messy poutine, a live CTF demo by François Proulx et al.
- Look mum, I’m the GitHub Runner by David Fernandez Gonzalez 💖