
Changelog

Updates, changes, and improvements at Retool.

Code Executor Sandbox Escape

Retool’s security team has become aware of a sandbox escape in self-hosted deployments of Retool that do not have a corresponding code executor deployment. If you do not have a code executor container running, we recommend that you set one up as soon as possible.

Am I affected?

All self-hosted Retool deployments without a code executor deployment are vulnerable.

What is a sandbox (escape)?

A sandbox is a mechanism that isolates untrusted code so that it cannot interact with other untrusted code or with the host system. A sandbox escape is an exploit that lets untrusted code break out of that isolation and reach the host system and the resources available to it.

When no code executor deployment is available, Retool runs certain user-supplied code (workflow code and custom API authentication code) inside the backend container, within a sandbox that is meant to keep that code away from sensitive data and systems on the backend container. Because that sandbox can be escaped, somebody with the relevant permissions could execute arbitrary code directly on the backend server. That would grant escalated access, such as reading your encryption key.

What are the permissions required for this exploit?

To write an exploit that escapes the sandbox, a user must be authenticated to your Retool instance and have permission either to edit workflows or to create new resources.

What mitigations are available?

To mitigate this issue as quickly as possible, Retool recommends auditing your permission configuration and ensuring that users have only the permissions they need to perform their functions on your instance. In particular, double-check which users can create a new resource and which can create or edit workflows.

Beginning in version 3.251.0, backend execution of code is disabled by default. In deployments without a code executor container, this affects the following functionality:

  1. Workflows
  2. Custom API Authentication

To opt in to the affected functionality without a code executor deployment, and accept the corresponding risk of a sandbox escape, you can set the environment variable ALLOW_UNSAFE_CODE_EXECUTION. Retool does not recommend this option.
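The rules above (code executor present or not, version before or after 3.251.0, ALLOW_UNSAFE_CODE_EXECUTION set or not) can be applied mechanically across a fleet of self-hosted instances. The following triage helper is an added example and is not Retool code; it reads the backend container's environment in the shape that `docker inspect --format '{{json .Config.Env}}'` prints and classifies the deployment. The advisory says only that the variable is "set", so treating an explicit false/0/no/empty value as not set is this example's assumption, as are the sample version strings and environment lists, which are constructed.

```python
"""Triage helper for the Retool code executor sandbox-escape advisory.

Added example, not Retool code. It encodes the advisory's own rules:
- a deployment with a code executor container is not in the vulnerable configuration;
- without one, backend code execution is enabled (and therefore exposed) on versions
  before 3.251.0, or on 3.251.0+ when ALLOW_UNSAFE_CODE_EXECUTION opts back in;
- otherwise backend execution is disabled and Workflows / Custom API Authentication
  are unavailable until a code executor is deployed.
"""
from __future__ import annotations

import json
import re
from dataclasses import dataclass

# First release in which backend code execution is disabled by default (from the advisory).
SAFE_DEFAULT_VERSION = (3, 251, 0)

_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")


def parse_version(version: str) -> tuple[int, int, int]:
    """Turn '3.251.0', 'v3.251.0' or '3.251.0-stable' into a comparable tuple."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Retool version string: {version!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def env_from_docker_inspect(env_json: str) -> dict[str, str]:
    """Parse the output of: docker inspect --format '{{json .Config.Env}}' <container>
    which is a JSON list of 'KEY=VALUE' strings (a bare 'KEY' means an empty value)."""
    env: dict[str, str] = {}
    for item in json.loads(env_json):
        key, sep, value = item.partition("=")
        env[key] = value if sep else ""
    return env


def unsafe_execution_opted_in(env: dict[str, str]) -> bool:
    """ALLOW_UNSAFE_CODE_EXECUTION re-enables backend execution on 3.251.0+.
    Assumption of this example: an explicit false/0/no/empty value counts as not set."""
    value = env.get("ALLOW_UNSAFE_CODE_EXECUTION")
    if value is None:
        return False
    return value.strip().lower() not in {"", "0", "false", "no"}


@dataclass(frozen=True)
class Assessment:
    status: str  # "ok", "vulnerable" or "degraded"
    reason: str


def assess(version: str, env: dict[str, str], has_code_executor: bool) -> Assessment:
    """Classify one self-hosted deployment according to the advisory."""
    if has_code_executor:
        return Assessment("ok", "code executor deployed; backend container does not run user code")
    if parse_version(version) < SAFE_DEFAULT_VERSION:
        return Assessment(
            "vulnerable",
            f"{version} runs workflow and custom API auth code in the backend sandbox; "
            "upgrade to 3.251.0+ or deploy a code executor",
        )
    if unsafe_execution_opted_in(env):
        return Assessment("vulnerable", "ALLOW_UNSAFE_CODE_EXECUTION opts back into backend execution")
    return Assessment(
        "degraded",
        "backend execution disabled: Workflows and Custom API Authentication are "
        "unavailable until a code executor is deployed",
    )


if __name__ == "__main__":
    # Constructed samples of what `docker inspect --format '{{json .Config.Env}}'` might return.
    opted_in_env = '["PATH=/usr/bin", "ALLOW_UNSAFE_CODE_EXECUTION=true", "NODE_ENV=production"]'
    plain_env = '["PATH=/usr/bin", "NODE_ENV=production"]'
    for label, version, env_json, has_ce in [
        ("legacy, no executor", "3.248.0", plain_env, False),
        ("patched default", "3.251.0", plain_env, False),
        ("opted back in", "3.252.1", opted_in_env, False),
        ("executor present", "3.248.0", plain_env, True),
    ]:
        a = assess(version, env_from_docker_inspect(env_json), has_ce)
        print(f"{label:20} -> {a.status:10} {a.reason}")
```

Feed it the version reported by your instance and the backend container's environment; any "vulnerable" result means the permission audit above is the only control until a code executor container is deployed or the opt-in variable is removed.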