Security issue with secret information in templates - Githubissues

ForkbombEu / signroom

Document and data signing platform

GNU Affero General Public License v3.0

5 stars 0 forks source link

Security issue with secret information in templates #558

Open andrea-dintino opened 2 months ago

andrea-dintino commented 2 months ago

Due to the nature of the templates, most likely in the JSON of each template the user will want to have some passwords, tokens or similar. This produces multiple issues:

those who will hack the DIDroom dashboard, will read the secrets
for the templates that are public, other registered users can read the secret

See screenshot: https://gyazo.com/f7149bc6bf16b42d652d5942b76480ee

Possible mitigations:

replace all the values in the json with ".....": bad because that requires considerable manual work for the user to fix
create a second data channel (similar to Zenroom's "keys" and "data") where the above happens.
warn the user not store any secret data, with some scary copy or with a blocking pop-up requiring the user to accept before the JSON can be edited (currently the preferred way).
???

If the 3. way is chosen, we must help the user to enter the secret data into the deployment of the microservices.
If the 1. or 2. way is chosen, we can provide an additional tool/dialog to enter the secrets into the deployment (via cliroom?)

puria commented 2 months ago

@andrea-dintino vaults could be an idea