alexdrydew commented on issue #38745:
URL: https://github.com/apache/airflow/issues/38745#issuecomment-2041073791
My concern was primarily about processing untrusted data from external
sources in DAGs: it seems malicious data can be used to steal secrets in some
cases:
```python
@dag(...)
def pipeline():
data = download_parameters_from_s3()
transformed_data = transform.expand_kwargs(data)
upload_to_s3(transformed_data)
```
in this case data author could include `{{ var.value.get('SOME_SECRET') }}`
template and get access to the variable if the target storage is available for
them. I understand that this case is probably out of scope of the airflow
security model but the way how plain TaskFlow-style tasks communicate using
XCom allows to process untrusted data in this way.
But not to change focus: my main concern is that even if we don't return
processed untrusted data to potentially malicious user back we still need to
sanitize inputs specifically for `expand_kwargs` in order not to fail while
processing data that may contain template-like syntax (e.g. parsed webpage)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscr...@airflow.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
