consider hostile markdown code as a threat model
A recent GitLab release patched an undisclosed "Remote code execution via unsafe user-controlled markdown rendering options" which allows "unauthorised authenticated users to execute arbitrary code on the server".
This is particularly bad for us because the Anonymous Ticket Portal allows users to submit such Markdown code into the system. It's not clear to me how it could be done, but we might want to be more careful about the data we feed into GitLab, considering we are basically doing a privilege escalation here, by allowing multiple users to impersonate a single one...
Also related to gitlab#81 (closed)
Edited by anarcat