Detect GitHub Misconfigurations
Description
GitHub misconfigurations can pose significant risks to organizations and individuals who use the platform. A misconfiguration in GitHub can result in sensitive data exposure, intellectual property theft, and compromise of systems. It's crucial to regularly review and monitor GitHub configurations to prevent misconfigurations and ensure the security of sensitive information.
Jit will run the GitHub misconfiguration scanner on schedule and communicate the findings on the Backlog page.
| Stack layer | Security domain | Security tool initiated by this item |
|---|---|---|
| CI/CD Security | GitHub Misconfiguration Detection | Legitify |
Checklist
This security tool runs the following 5 high-severity checks:

| Check | Description (by Legitify) |
|---|---|
| Only Admins Should Be Able To Create Public Repositories | The organization should be configured to prevent non-admin members from creating public repositories. Creating a public repository may expose sensitive organization code, which, once exposed, may be copied, cached or stored by external parties. Therefore, it is highly recommended to restrict the option to create public repositories to admins only and reduce the risk of unintentional code exposure. |
| Organization Should Have Fewer Than Three Owners | Organization owners are highly privileged and could cause great damage if they are compromised. It is recommended to limit the number of organization admins to the minimum needed (recommended maximum: 2 owners). |
| Default Member Permissions Should Be Restricted | The default repository permission is not restricted in the organization, so every new repository is accessible by default to all members. It is strongly recommended to remove the default permission and grant access on demand. |
| Workflows Should Not Be Allowed To Approve Pull Requests | The default GitHub Actions configuration allows workflows to approve pull requests. This could allow users to bypass code-review restrictions. |
| Default Workflow Token Permission Should Be Read Only | The default GitHub Actions workflow token permission is set to read-write. When creating workflow tokens, it is highly recommended to follow the principle of least privilege and force workflow authors to specify explicitly which permissions they need. |
Additional checks will be added soon.
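As an added illustration (not Legitify's code and not part of this page), the five checks above evaluated in Python over organization settings in the shape the GitHub REST API returns them (`GET /orgs/{org}`, `GET /orgs/{org}/members?role=admin` and `GET /orgs/{org}/actions/permissions/workflow`); the two sample organizations are constructed, one with GitHub's permissive defaults and one after remediation.

```python
"""Evaluate the five Legitify organization checks against GitHub org settings.

Input dictionaries use the field names returned by the GitHub REST API:
  org      -> GET /orgs/{org}
  owners   -> GET /orgs/{org}/members?role=admin (list of member objects)
  workflow -> GET /orgs/{org}/actions/permissions/workflow
"""


def evaluate_org(org, owners, workflow):
    """Return the names of the checks that FAIL for this organization."""
    failures = []
    # Only admins should be able to create public repositories
    if org.get("members_can_create_public_repositories", True):
        failures.append("Only Admins Should Be Able To Create Public Repositories")
    # Fewer than three owners (Legitify recommends at most 2)
    if len(owners) >= 3:
        failures.append("Organization Should Have Fewer Than Three Owners")
    # Default member permission should be "none" so access is granted on demand
    if org.get("default_repository_permission", "read") != "none":
        failures.append("Default Member Permissions Should Be Restricted")
    # Workflows should not be allowed to approve pull requests
    if workflow.get("can_approve_pull_request_reviews", True):
        failures.append("Workflows Should Not Be Allowed To Approve Pull Requests")
    # Default GITHUB_TOKEN permission for workflows should be read-only
    if workflow.get("default_workflow_permissions", "write") != "read":
        failures.append("Default Workflow Token Permission Should Be Read Only")
    return failures


# Constructed sample: an org still running on permissive defaults
WEAK_ORG = {"login": "example-org",
            "members_can_create_public_repositories": True,
            "default_repository_permission": "read"}
WEAK_OWNERS = [{"login": "alice"}, {"login": "bob"}, {"login": "carol"}]
WEAK_WORKFLOW = {"default_workflow_permissions": "write",
                 "can_approve_pull_request_reviews": True}

# Constructed sample: the same org after remediation
HARDENED_ORG = {"login": "example-org",
                "members_can_create_public_repositories": False,
                "default_repository_permission": "none"}
HARDENED_OWNERS = [{"login": "alice"}, {"login": "bob"}]
HARDENED_WORKFLOW = {"default_workflow_permissions": "read",
                     "can_approve_pull_request_reviews": False}

if __name__ == "__main__":
    print("weak:", evaluate_org(WEAK_ORG, WEAK_OWNERS, WEAK_WORKFLOW))
    print("hardened:", evaluate_org(HARDENED_ORG, HARDENED_OWNERS, HARDENED_WORKFLOW))
```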
Configuration
To run Legitify, you must provide a personal access token (PAT) for your GitHub account, created in your GitHub developer settings.
Required permissions:
- admin:org
- read:enterprise
- admin:org_hook
- read:org
- repo
- read:repo_hook
Copy the generated PAT.
Next, on the Secrets page, create a new secret. Name it github_misconfiguration_github_token, paste the PAT into the Secret box and click Create Secret.
You can now enable GitHub Misconfiguration Detection.