updates to security guidelines and docker config by agunapal · Pull Request #2669 · pytorch/serve · GitHub

updates to security guidelines and docker config #2669


Merged
merged 8 commits into from
Oct 4, 2023
17 changes: 17 additions & 0 deletions SECURITY.md
Expand Up @@ -14,6 +14,23 @@ TorchServe as much as possible relies on automated tools to do security scanning
2. Docker Scanning: Using Snyk
3. Code Analysis: Using CodeQL

## Important Security Guidelines

1. TorchServe listens on the following ports
1. HTTP - `8080`, `8081`, `8082`
2. gRPC - `7070`, `7071`

These ports are accessible to `localhost` by default. The address can be configured by following the [guide](https://github.com/pytorch/serve/blob/master/docs/configuration.md#configure-torchserve-listening-address-and-port)
TorchServe does not prevent users from configuring the address to be `0.0.0.0`. Please be aware of the security risks if you use `0.0.0.0`
2. TorchServe's Docker image is configured to expose the ports `8080`, `8081`, `8082`, `7070`, `7071` to the host by default(https://github.com/pytorch/serve/blob/master/docker/Dockerfile). When these ports are mapped to the host, make sure to use `localhost` or a specific ip address.

3. Be sure to validate the authenticity of the `.mar` file being used with TorchServe.
1. A `.mar` file being downloaded from the internet from an untrusted source may have malicious code, compromising the integrity of your application
2. TorchServe executes arbitrary python code packaged in the `mar` file. Make sure that you've either audited that the code you're using is safe and/or is from a source that you trust

Member


Also mention that TorchServe can run arbitrary Python files, so don't download mar files you don't trust from the internet.

Collaborator Author


Done.

Member
@msaroufim msaroufim Oct 3, 2023


The updated language is good, but please also explicitly mention that TorchServe executes arbitrary Python files when running a mar file; the risk is not just in downloading. There's a risk in downloading, unzipping and finally running.

Collaborator Author


Got it. So, how do they verify it? We should mention that too.

Member


There is no generic way to verify whether a piece of Python code is safe; the key is that it needs to be code from a source they trust.

Comment on lines +27 to +30
Collaborator


The archiver can support mar, tgz and folder. We can make this section more generic to let cx know they are responsible for the security of the code in model artifacts.


## Reporting a Vulnerability

Expand Down
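Review bot: The nested lists in this hunk will not render as intended: the sub-items `1. HTTP - ...` / `2. gRPC - ...` under item 1, the continuation paragraph `These ports are accessible to ...`, and the two sub-items under item 3 are all flush-left, so Markdown treats the sub-items as top-level entries and the unindented paragraph as a list break, after which item 2 starts a fresh list. Indent the sub-items and continuation paragraphs by three or four spaces so they nest under their parent item. While there, add the missing space in `by default(https://...)`, write `IP address`, end the `localhost` and `0.0.0.0` sentences with full stops, and show the concrete form of the recommended mapping (for example `docker run -p 127.0.0.1:8080:8080 ...`), since a bare `-p 8080:8080` binds on all host interfaces. Per the thread above, item 3 could also be widened from `.mar` to any model artifact the archiver accepts (mar, tgz, folder).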
8 changes: 7 additions & 1 deletion docker/README.md
Expand Up @@ -187,7 +187,13 @@ Creates a docker image for codebuild environment

## Start a container with a TorchServe image

The following examples will start the container with 8080/81/82 and 7070/71 port exposed to outer-world/localhost.
The following examples will start the container with 8080/81/82 and 7070/71 port exposed to `localhost`.

## Security Guideline

TorchServe's Dockerfile configures ports `8080`, `8081` , `8082`, `7070` and `7071` to be exposed to the host by default.

When mapping these ports to the host, make sure to specify `localhost` or a specific ip address.

#### Start CPU container

Expand Down
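Review bot: `exposed to the host by default` (and `exposed to \`localhost\`` in the rewritten line above it) overstates what the Dockerfile does: `EXPOSE` only declares the ports, nothing is reachable from the host until the container is started with `-p`/`-P`, and a bare `-p 8080:8080` publishes on `0.0.0.0`, not `localhost`. Reword to say the image declares ports 8080, 8081, 8082, 7070 and 7071 and that they should be published with an explicit bind address such as `-p 127.0.0.1:8080:8080`; also write `IP address`. Separately, the new `## Security Guideline` heading is inserted between `## Start a container with a TorchServe image` and its `#### Start CPU container` subsection, which splits that section in two; move it above `## Start a container ...` or demote it to `###`.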