steven-bellock
commented
5 months ago Presumably 2 and 3 have tighter access controls than the current repositories? Ie, only one or two folks would be able to publish there.
Open korran opened 5 months ago
steven-bellock
commented
5 months ago Presumably 2 and 3 have tighter access controls than the current repositories? Ie, only one or two folks would be able to publish there.
korran
commented
5 months ago With 2, we would place the artifacts into the git repository itself, which can use branch protection rules to enforce security policy.
With 3, the GHA workflows would be responsible for publishing the binaries, and changing those workflows would require a PR that has to pass the branch protection rules.
In both cases, although this protects the artifacts from repo writers, the few folks with "maintainer" privileges would still have the ability to change the settings and publish malware.
steven-bellock
commented
5 months ago This is quite prescient given the xz backdoor.
When releasing a new version, the "Nightly Release' workflow builds the firmware into a zip file and a "GitHub Release" is created for a repo (for example, see the rt-1.0.0 release).
Unfortunately, anyone with write access to the caliptra-sw or caliptra-rtl repositories can modify the released artifacts, without any additional review or audit logging. You can imagine a scenario where an insider modifies the release to add a backdoor, a vendor downloads the release to integrate in their project, and later the insider switches the binary back to the original version to hide the evidence.
Potential solutions: