edgelesssys / edgelessdb

EdgelessDB is a MySQL-compatible database for confidential computing. It runs entirely inside a secure enclave and comes with advanced features for collaboration, recovery, and access control.
https://edgeless.systems/products/edgelessdb
GNU General Public License v2.0

Is putting the password in the environment variable secure enough? #111

Closed Laisky closed 2 years ago

Laisky commented 2 years ago

I noticed that if you let EdgelessDB run in MarbleRun mode, MarbleRun injects the password (masterKey) into the container's environment variables.


We should assume that the platform is untrustworthy and protect our applications through the enclave. But the platform admin is able to view the environment variables of the container. So the admin can get the database encrypting password by looking at the environment variables?

thomasten commented 2 years ago

Similar to the SGX LibOSes, these environment variables only exist inside the enclave and aren't visible or accessible from the host.

Laisky commented 2 years ago

> Similar to the SGX LibOSes, these environment variables only exist inside the enclave and aren't visible or accessible from the host.

Thanks for the answer. I went to study the principle of MarbleRun; I misunderstood it before.