Too many GitHub permissions required

[madchap]

When wanting to try TD, it asked me for the following GitHub permissions, which in my opinion are too much:

As a result, I personally didn't want to grant so much.

Maybe it is possible to ask for less and achieve what is needed?

Cheers!

[jgadsden]

Hello @madchap - thanks for raising this issue, it does look too wide and should be much more restricted permissions (if that is possible to do, I am not sure).

Do you want to try out the desktop version of Threat Dragon? https://github.com/mike-goodwin/owasp-threat-dragon-desktop/releases/tag/v1.2

It uses the local file system rather than github, but you can clone your github repo and then commit + push back up to the repo. Cheers, Jon

[madchap]

Sure, I'll give it a try.

[mike-goodwin-sage]

The problem is that the OAuth scopes in GitHub are very coarse grained. I couldn't find a cope that would allow it to write the files without aqll the other (unused) permissions to. This is the exact reason why the desktop variant was created. Having said that, there may have been some changes since it was implemented...

[mike-goodwin-sage]

I think if the app was converted to a GitHub App rather than and OAuth App it would be possible to get fewer permissions, for example it could work by issuing PRs for model changes rather than committing them directly. BUT, this would require longer term storage of access tokens. At the moment the tokens are stored for a pretty short period (like 60 mins after they are last used). They are obviously stored encrypted too. This means that even a total breach would only give the attacker access to recentlyused tokens (assuming they could decrypt them).

[jgadsden]

Migrated to new issue in the OWASP area repo : https://github.com/OWASP/threat-dragon/issues/14