PyPI Administrator/PSF Infrastructure Director's Oversight Leads to Github Token Leak
Brook.X
In a striking reminder that human error remains a fundamental security weakness, PyPI administrator and Python Software Foundation (PSF) Infrastructure Director Ee Durbin experienced a significant mishap. Durbin inadvertently pushed a local file containing a Github Token to Github, resulting in the token's exposure.
Security researchers at the firm JFrog stumbled upon the leaked Github token, which granted elevated access to Python, PyPI, and the Python Software Foundation (PSF) repositories.
Given Python's widespread use and popularity in the industry, exploitation of this token by hackers could lead to the modification of packages with malicious code, posing a severe risk of supply chain attacks. There was even the potential for malicious code to be injected directly into Python itself.
The token was discovered within a public Docker on Docker Hub, hidden in a compiled Python file (build.cpython-311.pyc) that had been negligently left uncleaned.
After JFrog notified PyPI of the issue on June 28, 2024, Durbin acknowledged that the token was linked to his Github account. The token was created sometime before March 3, 2023, but the exact creation date could not be determined as the 90-day security log was no longer available.
Durbin apologized and provided an explanation for the oversight:
While locally developing the cabotage-app5 and dealing with the codebase's build aspect, I repeatedly encountered Github API rate limits, which only apply to anonymous access.
In production, the system was configured as a Github App. Out of laziness, I modified the local file to include my personal Github token instead of configuring the local host for Github App. These changes were never meant to be pushed remotely.
Although I was aware of the risk of .py files leaking tokens, I had not considered .pyc files that contain compiled bytecodes. A script that I used for a staging deployment, which attempted but failed to perform a temporary cleanup including the removal of hardcoded secrets, was executed.
The pyc file was not excluded in the build process, leading to its publication in the Docker image and the subsequent token leak.
Currently, an examination of the account and related projects has not revealed any malicious use of the token. Fortunately, JFrog, being security researchers rather than hackers, was the first to notice the token. This incident, therefore, did not escalate into a more serious problem.
