client/template: configuration for function blacklist and sandboxing

When rendering a task template, the `plugin` function is no longer permitted by default and will raise an error. An operator can opt-in to permitting this function with the new `template.function_blacklist` field in the client configuration. When rendering a task template, path parameters for the `file` function will be treated as relative to the task directory by default. Relative paths or symlinks that point outside the task directory will raise an error. An operator can opt-out of this protection with the new `template.disable_file_sandbox` field in the client configuration.
2026-01-07 19:05:42 +03:00 · 2019-08-02 15:20:14 -04:00
parent e4e7ca074d
commit ffb83e1ef1
7 changed files with 100 additions and 23 deletions
--- a/command/agent/agent.go
+++ b/command/agent/agent.go
@@ -468,6 +468,8 @@ func convertClientConfig(agentConfig *Config) (*clientconfig.Config, error) {
 	conf.ClientMaxPort = uint(agentConfig.Client.ClientMaxPort)
 	conf.ClientMinPort = uint(agentConfig.Client.ClientMinPort)
 	conf.DisableRemoteExec = agentConfig.Client.DisableRemoteExec
+	conf.TemplateConfig.FunctionBlacklist = agentConfig.Client.TemplateConfig.FunctionBlacklist
+	conf.TemplateConfig.DisableSandbox = agentConfig.Client.TemplateConfig.DisableSandbox

 	hvMap := make(map[string]*structs.ClientHostVolumeConfig, len(agentConfig.Client.HostVolumes))
 	for _, v := range agentConfig.Client.HostVolumes {
--- a/command/agent/config.go
+++ b/command/agent/config.go
@@ -242,6 +242,9 @@ type ClientConfig struct {
 	// DisableRemoteExec disables remote exec targeting tasks on this client
 	DisableRemoteExec bool `hcl:"disable_remote_exec"`

+	// TemplateConfig includes configuration for template rendering
+	TemplateConfig *ClientTemplateConfig `hcl:"template"`
+
 	// ServerJoin contains information that is used to attempt to join servers
 	ServerJoin *ServerJoin `hcl:"server_join"`

@@ -266,6 +269,20 @@ type ClientConfig struct {
 	BridgeNetworkSubnet string `hcl:"bridge_network_subnet"`
 }

+// ClientTemplateConfig is configuration on the client specific to template
+// rendering
+type ClientTemplateConfig struct {
+
+	// FunctionBlacklist disables functions in consul-template that
+	// are unsafe because they expose information from the client host.
+	FunctionBlacklist []string `hcl:"function_blacklist"`
+
+	// DisableSandbox allows templates to access arbitrary files on the
+	// client host. By default templates can access files only within
+	// the task directory.
+	DisableSandbox bool `hcl:"disable_file_sandbox"`
+}
+
 // ACLConfig is configuration specific to the ACL system
 type ACLConfig struct {
 	// Enabled controls if we are enforce and manage ACLs
@@ -675,6 +692,10 @@ func DevConfig() *Config {
 	conf.Client.GCDiskUsageThreshold = 99
 	conf.Client.GCInodeUsageThreshold = 99
 	conf.Client.GCMaxAllocs = 50
+	conf.Client.TemplateConfig = &ClientTemplateConfig{
+		FunctionBlacklist: []string{"plugin"},
+		DisableSandbox:    false,
+	}
 	conf.Telemetry.PrometheusMetrics = true
 	conf.Telemetry.PublishAllocationMetrics = true
 	conf.Telemetry.PublishNodeMetrics = true
@@ -716,6 +737,10 @@ func DefaultConfig() *Config {
 				RetryInterval:    30 * time.Second,
 				RetryMaxAttempts: 0,
 			},
+			TemplateConfig: &ClientTemplateConfig{
+				FunctionBlacklist: []string{"plugin"},
+				DisableSandbox:    false,
+			},
 		},
 		Server: &ServerConfig{
 			Enabled:   false,
@@ -1295,6 +1320,10 @@ func (a *ClientConfig) Merge(b *ClientConfig) *ClientConfig {
 		result.DisableRemoteExec = b.DisableRemoteExec
 	}

+	if b.TemplateConfig != nil {
+		result.TemplateConfig = b.TemplateConfig
+	}
+
 	// Add the servers
 	result.Servers = append(result.Servers, b.Servers...)

--- a/command/agent/config_test.go
+++ b/command/agent/config_test.go
@@ -94,6 +94,10 @@ func TestConfig_Merge(t *testing.T) {
 			MaxKillTimeout:    "20s",
 			ClientMaxPort:     19996,
 			DisableRemoteExec: false,
+			TemplateConfig: &ClientTemplateConfig{
+				FunctionBlacklist: []string{"plugin"},
+				DisableSandbox:    false,
+			},
 			Reserved: &Resources{
 				CPU:           10,
 				MemoryMB:      10,
@@ -253,6 +257,10 @@ func TestConfig_Merge(t *testing.T) {
 			MemoryMB:          105,
 			MaxKillTimeout:    "50s",
 			DisableRemoteExec: false,
+			TemplateConfig: &ClientTemplateConfig{
+				FunctionBlacklist: []string{"plugin"},
+				DisableSandbox:    false,
+			},
 			Reserved: &Resources{
 				CPU:           15,
 				MemoryMB:      15,