Security console has no safeties against multiple runs #373

Open
mikron-ia opened this issue Aug 5, 2023 · 0 comments
Labels

  • importance: may (Purely optional, nothing important happens if not done)
  • internal (Without much influence on the interface)
  • security (A security issue, be it a bug or design problem)

Comments

@mikron-ia
Owner

The security console commands (rbac/*) can be run any number of times, and the only safeties that prevent repeated runs from causing a mess are database integrity constraint violation checks - hardly a pretty or reliable solution.

Add a simple migration-like system on this mechanism:

  • Check whether any given rbac/* command was run via a database table
    • If it was, report this and do not run it again
    • If it wasn't, run it and note that

This does not entail any rollbacks or anything like this - this is a simple safety system, not a complete system.

@mikron-ia mikron-ia added internal Without much influence on the interface security A security issue, be it a bug or design problem importance: may Purely optional, nothing important happens if not done labels Aug 5, 2023
@mikron-ia mikron-ia added this to Hub Jun 1, 2024
@mikron-ia mikron-ia moved this to To Do in Hub Jun 1, 2024
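
An added example, not part of the issue or the project's code: the run-once ledger proposed above, sketched in Python with SQLite. The table name `console_run_log`, the command name `rbac/seed-roles` and the `seed_roles` action are hypothetical.

```python
import sqlite3
from datetime import datetime, timezone

# Hypothetical ledger table: one row per console command that has completed.
SCHEMA = """
CREATE TABLE IF NOT EXISTS console_run_log (
    command TEXT PRIMARY KEY,
    ran_at  TEXT NOT NULL
)
"""

def run_once(db, command, action):
    """Run action(db) unless `command` is already in the ledger.

    Returns (True, ran_at) if it ran now, (False, ran_at) if it was skipped.
    """
    db.execute(SCHEMA)
    with db:  # commits on success, rolls back if anything below raises
        row = db.execute(
            "SELECT ran_at FROM console_run_log WHERE command = ?", (command,)
        ).fetchone()
        if row is not None:
            return False, row[0]  # report the earlier run, do nothing else
        action(db)
        ran_at = datetime.now(timezone.utc).isoformat()
        # The PRIMARY KEY also rejects a second marker from a concurrent run,
        # which rolls that run's changes back with it.
        db.execute(
            "INSERT INTO console_run_log (command, ran_at) VALUES (?, ?)",
            (command, ran_at),
        )
    return True, ran_at

def seed_roles(db):
    # Constructed stand-in for an rbac/* command. Run twice without the
    # ledger, the second INSERT fails on the integrity constraint.
    db.execute("CREATE TABLE IF NOT EXISTS role (name TEXT PRIMARY KEY)")
    db.executemany("INSERT INTO role (name) VALUES (?)",
                   [("admin",), ("operator",)])

def demo():
    db = sqlite3.connect(":memory:")
    first = run_once(db, "rbac/seed-roles", seed_roles)
    second = run_once(db, "rbac/seed-roles", seed_roles)
    roles = db.execute("SELECT COUNT(*) FROM role").fetchone()[0]
    return first, second, roles

if __name__ == "__main__":
    print(demo())
```

A command that raises part-way leaves no ledger row, so it can be run again after the cause is fixed.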