Uploaded image for project: 'Artifactory Binary Repository'
  1. Artifactory Binary Repository
  2. RTFACT-18385

Block loopback/localhost URLs on remote repositories

          Details

          • Type: Bug
          • Status: Resolved
          • Priority: Normal
          • Resolution: Fixed
          • Affects Version/s: None
          • Fix Version/s: 6.8.0
          • Component/s: None
          • Labels:
            None

            Description

            Artifactory can access loopback/localhost on remote repositories, bypassing the network restrictions

            We need to add verification on remote repo url to deny internal access, while allowing to whitelist specific prefixes configurable by sys admins.

            artifactory.remote.repo.url.whitelist.prefix=[null] separated by ','

            also add an ability to block any site local URLs (10/8|172.16/12|192.168/16 prefix), default not blocked.
            artifactoryl.remote.repo.url.strict.policy=true(default: false)
            strict policy also means that any unresolvable URL will also be blocked

              Attachments

                Activity

                  People

                  • Assignee:
                    nadavy Nadav Yogev
                    Reporter:
                    nadavy Nadav Yogev
                    Assigned QA:
                    Alex Dvorkin
                  • Votes:
                    0 Vote for this issue
                    Watchers:
                    2 Start watching this issue

                    Dates

                    • Created:
                      Updated:
                      Resolved: