Bug Report: Google Gemini API Access Control Bypass

Gemini API
, , ,
1

Issue Description

When using the Google Gemini API to process content from a Google Docs URL, the API appears to bypass standard Google Drive access permissions. Specifically, if a user previously had access to a Google Document but that access was subsequently revoked by the document author, the Gemini API is still able to access and process the content of that document when provided with its URL. This allows unauthorized access to data that the user should no longer be able to view.

Steps to Reproduce

  1. Prepare a Google Document:
  • Create a new Google Document (e.g., “Test Document for Gemini Access”).
  • Add some unique text content to it (e.g., “This is confidential information that should not be accessible.”).
  • Share this document with the Google account you use for the Gemini API, granting it viewer access.
  1. Initial Gemini API Access (Verify Access):
  • Use your tool to upload the URL of this Google Document to the Gemini API.
  • Craft a prompt (e.g., “Summarize the content of the provided document.”) and send it to the Gemini API.
  • Expected Result: The Gemini API should successfully process the document and return a summary of its content. (This step confirms the API initially works as expected with granted access.)
  1. Revoke Access:
  • As the author of the Google Document, revoke the access for the Google account used with the Gemini API. Ensure the sharing settings for that specific account are removed.
  • Manually try to open the Google Document URL in a web browser while logged into the Google account used for the Gemini API.
  • Expected Result: You should be prompted to “Request access” to the document, confirming that the access has been successfully revoked at the Google Drive level.
  1. Second Gemini API Access (Demonstrate Bypass):
  • Using your tool and the same Google Document URL (despite access being revoked), provide it to the Gemini API again.
  • Send the same summarization prompt.
  • Actual Result: The Gemini API still processes the document content and returns a summary.
  • Expected Result: The Gemini API should return an error indicating “access denied,” “permission denied,” or a similar message, as the user’s account no longer has permission to view the document.

Impact

This bug represents a critical security vulnerability. It means that the Gemini API can be used to bypass Google Drive’s access control mechanisms, potentially exposing sensitive or confidential information to users who no longer have authorized access. This undermines data privacy and could lead to unauthorized data disclosure.

Environment

  • API Used: Google Gemini API (specify exact version if known, otherwise state “latest available”)
  • Method Used: Likely GenerativeModel.generate_content after providing content via URL (or similar)
  • Programming Language/Framework: [Your language, e.g., Python 3.9, Node.js, etc.]
  • Google Doc Type: Standard Google Document (.gdoc extension, not converted from other formats)
3

Hello,

To accees any document using URL context, the url should be publically available or else url context will not work.

If you are using some other approach or even if this method is working for you, could you please share you code with us so that we can reproduce your issue?