GitHub Enterprise Server

Synopsis

GitHub Enterprise Server is the on-premises version of GitHub Enterprise. It shares a code base with GitHub.com, is built on Ruby on Rails, and uses a number of open source technologies. GitHub Enterprise Server adds features for enterprise infrastructures, including additional authentication backends and clustering options.

You can request a trial of GitHub Enterprise Server for security testing at https://enterprise.github.com/bounty. Code de-obfuscation may be used to investigate GitHub Enterprise Server further, but only for the purpose of the bounty program.

Focus areas

Out of scope

Ineligible submissions

Vulnerabilities caused by lack of subdomain isolation

Vulnerabilities present in GitHub Enterprise Server only when subdomain isolation is disabled. Subdomain isolation serves user-supplied content (for example raw file views and Pages sites) from separate subdomains rather than the main application's origin, which mitigates cross-site scripting and related vulnerabilities. GitHub recommends that all GitHub Enterprise Server installations have subdomain isolation enabled.

Escalation to the root user via sudo

Administrative SSH access to the appliance includes sudo, which can be used to escalate to root. Given this existing level of privilege, local escalation from the administrative account to root is not considered in scope.

Access to sensitive configuration information with local access

Access to the GitHub Enterprise Server appliance shell and its containers is expected to expose sensitive information and credentials that are required to operate local services, so reports of such access to configuration data are not eligible.

Bypassing source code de-obfuscation

GitHub Enterprise Server uses code obfuscation to discourage modification of the application. GitHub is aware of de-obfuscation techniques that could be used to reveal source code or bypass license restrictions; reports of these techniques are not eligible.
