It recently occurred to me that the on pull_request
event for GitHub actions can be triggered by absolutely anyone if you have a public repository.
i.e.:
something.yml
file to .github/workflows
that runs on the pull_request
eventThe action that they specify in a pull request is then run. If you have a self-hosted runner then literally any person on the planet can run shell commands on your server in the context of the self-hosted runner's user.
If this works as I think it does, any human on the planet can run arbitrary code on your server simply with a pull request. I tried this and it seems to be the case.
How can I whitelist hooks that actions can be triggered by on a repository? Or otherwise, how can I safely use Github Actions with a public repository and a self-hosted runner. I have seen the warning... I just assumed that I had to be careful not to accept pull requests from unknown provenance.
A configuration option was added to help secure self-hosted runners. If you have a public repository and a self-hosted runner, then you should always enable the option "Require approval for all outside collaborators" as seen in the Actions configuration screen below.
The new default is to require approval for all first-time contributors to run workflows.
However, GitHub still recommends that you do not use self-hosted runners with public repositories. They specifically state self-hosted runners should almost never be used for public repositories on Github As also mentioned on that page is to use CodeOwners to monitor changes to the directory that your workflow files are stored in (.github/workflows).