Skip to content

Security Checks on Aurora

Pushkar Anand edited this page Mar 21, 2020 · 5 revisions

On this page, I am documenting down various checks that have been put in place on Aurora. Hoping that in future it may help others figure out loopholes in the system.

XSS Protection

For this, we automatically add headers in each response using .htaccess file

XSS Protection

SQL Injection

We also escape all $_POST and $_GET variables in each request. Aurora doesn't use other http methods.

sql injection

Cookie policies and CSRF

We don't do an explicit CSRF check but use cookie policies to safeguard the user. We set cookie's samesite param to Lax, ensuring cross-site requests will not have session information. Thus, mitigating the risk of CSRF. We also mark our cookies as HTTP only. Thus, making them inaccessible in JavaScript Document.cookie to prevent XSS attacks.

csrf protection

Docker Secrets Protection

Since we started using docker secrets to store MySQL credentials. And also the fact that users can run any code on our system. We needed to protect this information. For this, before executing any user's program, we modify the permission for the files in /run/secrets location to be readable only by the root user.

docker secrets protection

Fork bombs and other sanity checks

We run all user submitted code by an unprivileged account. This helps in protecting certain sensitive files like the ones where all correct answers are stored. We also limit the max number of processes this user can spawn to 100. This protects against fork bombs.

Finally, we run the program for a limited period after that we kill all processes that might have been spawned by this user to stop any long-running program.

fork bomb

If you feel that I missed out on certain necessary checks, please raise an issue. I will solve it on priority.

Clone this wiki locally