Improving security in case of malicious archive content - Cloud

Talend Cloud Installation and Upgrade Guide

Available in: Cloud API Services Platform, Cloud Data Fabric

Talend JobServer has built-in protection against ZIP Slip and ZIP Symlink attacks. To harden it further, you can set limits on archive properties to protect Talend JobServer against malicious Job archive content.

A malicious Job archive can be used to perform Denial of Service attacks that aim to break the file system or exhaust disk space.

To avoid this risk, you can set stricter limits for folder and file names, taking into account the space needed for your Job deployments. The default values are stored in the org.talend.remote.jobserver.server.cfg file located in the etc directory.

These values should not be higher than the name sizes supported by the file system used for the TalendJobServersFiles folder. If one or more limits are exceeded, an error message is displayed and the deployment is rejected.

The default values for the editable parameters are listed in the following table. These parameters all start with:
Parameters to improve security in case of malicious archive content
Parameters Description

Maximum size for the archive ZIP file that is being extracted during the deployment.

The default value is 1 GB.


Number of entries in the archive file.

The default maximum value is 2048.

Length of the archive ZIP file name.

The default maximum value is 240 characters.


Length of folder names inside the archive ZIP file.

The default maximum length of the unzipped folder name is 240 characters.

Length of file names inside the archive ZIP file.

The default maximum value is 240 characters.


Depth limit for folders inside the archive ZIP file.

The default value is 64 levels.

Size limit for the sum of all archives stored in TalendJobServersFiles/archiveJobs folder.

The default size limit is 100 GB.
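
The following is an added example, not Talend code: a pre-deployment check that reads a Job archive's central directory without extracting it and reports which of the per-archive default limits listed above it would exceed. The limit labels and function names are hypothetical, and the 1 GB limit is assumed to apply to the size of the ZIP file itself.

```python
import io
import zipfile

# Defaults listed on this page. The keys are hypothetical labels for this
# example, not the parameter names used in the JobServer configuration file.
DEFAULT_LIMITS = {
    "archive_bytes": 1024 ** 3,  # 1 GB, read here as the size of the ZIP file
    "entries": 2048,
    "archive_name_len": 240,
    "folder_name_len": 240,
    "file_name_len": 240,
    "folder_depth": 64,
}


def check_job_archive(archive_name, fileobj, limits=DEFAULT_LIMITS):
    """Return the sorted labels of every limit the archive exceeds ([] = accept)."""
    exceeded = set()
    if fileobj.seek(0, io.SEEK_END) > limits["archive_bytes"]:
        exceeded.add("archive_bytes")
    if len(archive_name) > limits["archive_name_len"]:
        exceeded.add("archive_name_len")
    # Only the central directory is read; nothing is extracted to disk.
    with zipfile.ZipFile(fileobj) as zf:
        infos = zf.infolist()
    if len(infos) > limits["entries"]:
        exceeded.add("entries")
    for info in infos:
        parts = [p for p in info.filename.split("/") if p]
        folders = parts if info.is_dir() else parts[:-1]
        if len(folders) > limits["folder_depth"]:
            exceeded.add("folder_depth")
        if any(len(f) > limits["folder_name_len"] for f in folders):
            exceeded.add("folder_name_len")
        if not info.is_dir() and parts and len(parts[-1]) > limits["file_name_len"]:
            exceeded.add("file_name_len")
    return sorted(exceeded)


def build_sample_archive(entry_names):
    """Constructed sample input: an in-memory ZIP with one small entry per name."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in entry_names:
            zf.writestr(name, b"x")
    return buf
```

Pass a file opened in binary mode as fileobj to check an archive on disk; a non-empty result names the limits that would cause the deployment to be rejected under these assumptions.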