0

I have a scenario where a customer wants to host an application I wrote on App Engine on his own Google Cloud tenant. Given the customer is of course admin on his tenant, even though it seems that appcfg.py download_app is no longer supported / deprecated, it's still possible to download source code via Cloud Debugger or by directly accessing the Cloud Storage Buckets.

So the question is a) is there a way to prevent this (I guess no, not if the customer has admin access) or b) are there any suggestions / best practice approaches to this problem?

lightxx
  • 1,037
  • 2
  • 11
  • 29

1 Answers1

4

I don't believe you can totally prevent that from happening. I believe the best you can do is to remove the paths to the easy downloads.

  1. When you run gcloud app deploy with the default settings, your source code will go to staging.<appid>.appspot.com. These files will stay there for a default of 15 days before being deleted unless you change the settings.

  2. You can delete the contents from that staging bucket (or from whatever bucket you used for staging). This will prevent the admin from using gsutil cp command to download the files.

  3. Even if you don't delete the files from staging bucket, the files there are listed with their encoded filenames so running gsutil cp command still requires a later lookup to figure out the corresponding human readable file names and also the folder path since the files are not stored using the directory structure in which you did the upload. This is a tedious effort unless you're using a tool. This blog article from us provides a detailed explanation of this scenario (bullets 1 - 3) and a tool for automated download from the staging bucket.

  4. Even if you have deleted the files from the staging bucket, the person might still be able to go to ``` admin console > versions > view source and see the uploaded source code. To download, they would have to manually open each file, copy the contents and save it. That is a lot of work.

NoCommandLine
  • 5,044
  • 2
  • 4
  • 15
  • When linking to your own site or content (or content that you are affiliated with), you [must disclose your affiliation _in the answer_](/help/promotion) in order for it not to be considered spam. Having the same text in your username as the URL or mentioning it in your profile is not considered sufficient disclosure under Stack Exchange policy. Please update all your answers that link to such content accordingly. – cigien Jan 28 '22 at 15:42
  • done. I thought that since I listed other sources even before mine and everything was directly relevant to the question, an explicit disclosure was not necessary. – NoCommandLine Jan 28 '22 at 15:49
  • Yes, there's no issue with the link itself, in that it appears to be relevant to the question. The only missing part was disclosure, which you've now added. Thanks for the edit. – cigien Jan 28 '22 at 15:54