Skip to content

Access to Infected Files #1225

New issue
New issue
Open
Open
Access to Infected Files#1225
@thomasSSSC

Description

@thomasSSSC
thomasSSSC
opened on Jun 10, 2024

While running this scanner, I found two potential workarounds for accessing infected files:

  1. If too many objects are uploaded, and you reach the concurrent lambda limit, then files will not be tagged, and are therefore accessible. This can be fixed by changing the bucket policy to have this condition(for example):
    "Condition": {
    "StringNotEquals": {
    "s3:ExistingObjectTag/scan-status": "CLEAN"
    },
  2. Also infected files can be accessed by changing the tags on the object itself. It might be a good idea to restrict tag permissions on infected files to the root user.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions