OpenTDF Platform monorepo enabling the development and integration of _forever control_ of data into new and existing applications. The concept of forever control stems from an increasingly common concept known as zero trust.
BSD 3-Clause Clear License
15
stars
4
forks
source link
Audit: unsafe policy actions should be tracked in Audit #1004
we’d probably want to add a new action type with a prefix of unsafe_ or something similar
the other option I can see would be updating the object type since we’re already adding a bunch of those, but it doesn’t feel right since the “object” isn’t really unsafe itself, but the action being performed is
would probably need to sync with @dreyes29 about adding new action types, although I think we’re already assuming we’re doing that through the rewrap action type we’re creating?
reactivation would be unsafe_update to follow suit with deactivation being update
for cascading deletes I’d imagine everything in the cascade that gets deleted would also inherit the unsafe_ action type? Either that or the ones that already support “safe deletion” would just have regular deletes
Relates to #115
Warrants discussion but here is a quote
unsafe_or something similarunsafe_updateto follow suit with deactivation being updateunsafe_action type? Either that or the ones that already support “safe deletion” would just have regular deletes