RESEARCH OF METHODS AND TOOLS FOR IMPROVING GIT LFS PROTOCOL SECURITY

Abstract

In the current landscape of rapidly evolving DevOps and MLOps practices, the Git version control system has become the industry standard, capturing over 90% of the development market. The surge in machine learning adoption and the necessity of versioning large binary objects (ML models, datasets) have driven the widespread implementation of the Git Large File Storage (LFS) extension. However, the specific architecture of this protocol, based on separating metadata from file content, creates a new, critical attack surface that remains insufficiently explored within the context of Software Supply Chain Security. ​In light of these issues, the objective of this study is to perform a systemic analysis of architectural vulnerabilities in the Git LFS protocol and to develop a comprehensive set of practical recommendations for enhancing infrastructure security. To achieve this, threat modeling methods and experimental testing in a controlled environment were applied, specifically involving data migration between GitLab and GitHub. Additionally, the Batch API specification and hybrid authentication mechanisms were analyzed in detail. ​The study experimentally confirmed that using a hybrid transport model (SSH for Git, HTTPS for LFS) creates a "security context gap," complicating access validation. Based on the analysis, three groups of critical vulnerabilities were identified: confidentiality breaches due to insufficient object ownership verification, data integrity threats via file content substitution ("cache poisoning"), and availability risks due to quota exhaustion attacks (Quota-based DoS). Specifically, it was determined that the lack of hash verification on the cloud storage side allows for the injection of malicious code into ML models, bypassing standard security measures. ​Synthesizing the results, the paper systematizes attack vectors on LFS infrastructure and adapts international security practices mandated for LFS server protection. Key proposed measures include transitioning to a "Verify-before-Write" model, prohibiting the use of deploy keys for write operations, and implementing strict quota attribution to the current repository.