The core of the problem trickles down to weak CI/CD configurations that grant pull requests (PRs) more permissions than they should have.
How exactly do their competitors like codeberg do better in preventing that?
I’m no expert in this but I’m guessing GH’s higher tiers provide much more “actions” and whatnot than Codeberg does. AFAICS Gitlab might be the only alternative that even has the mechanisms that could be exploited.
But executing code in a comment, that’s harsh in any case. I mean, even I would’ve known how to prevent that right from the start. I think.
The article doesn’t seem to say. I don’t know if it’s a problem with defaults or caused by the devs themselves.
By default pull requests my new contributors require approval from someone with write-access to the repo before running actions.
These repos have specifically decided to change a setting to make them not require approval for anyone. The UI to change that setting explicitly warns you about exactly this attack, so this “article” feels like a non-item trying to farm engagement.
As far as I can tell it requires GitHub actions to be enabled for pull requests, which you can require approval for. I just quickly read the top of the article so I could be wrong
That sounds big & creepy:
On Microsoft’s Azure Sentinel, for example, Novee found a comment on a PR that could run anonymous attacker code on Microsoft’s CI and steal a non-expiring GitHub App key.
I wonder if/how alternative VCS platforms that provide similar workflow services are affected.



