Attacker goals #76
Open
Attacker goals #76
+13
−1
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Justin Cappos <justincappos@gmail.com> Signed-off-by: Marina Moore <mnm678@gmail.com>
Co-authored-by: Marina Moore <mnm678@users.noreply.github.com> Signed-off-by: Marina Moore <mnm678@gmail.com>
Co-authored-by: Marina Moore <mnm678@users.noreply.github.com> Signed-off-by: Marina Moore <mnm678@gmail.com>
Co-authored-by: Marina Moore <mnm678@users.noreply.github.com> Signed-off-by: Marina Moore <mnm678@gmail.com>
Co-authored-by: Marina Moore <mnm678@users.noreply.github.com> Signed-off-by: Marina Moore <mnm678@gmail.com>
Co-authored-by: Marina Moore <mnm678@users.noreply.github.com> Signed-off-by: Marina Moore <mnm678@gmail.com>
Signed-off-by: Marina Moore <mnm678@gmail.com>
mnm678
commented
Jun 21, 2021
threatmodel.md
Outdated
| 3. To have a party deploy a different artifact than the one requested, including an older version when the latest is requested. | ||
| 4. Disrupt the verification of artifact signatures, for example by making the current version of metadata unavailable. | ||
| 5. Prevent a party from learning about updates to currently installed artifacts. | ||
| 6. Convince a party to download large amounts of data, such as signatures or metadata, that interfere with the party's system. |
There was a problem hiding this comment.
We discussed removing this in favor of the registry-defined data size, but upon reflection I think there could be value in including this limit in signed and verifiable metadata (so that an attacker couldn't alter it in transit, etc). But I'd appreciate input from folks on the registry side.
There was a problem hiding this comment.
I moved this requirement to out of scope, with a note that the registry should consider this attack (like opencontainers/distribution-spec#260)
Signed-off-by: Marina Moore <mnm678@gmail.com>
Closed
sudo-bmitch
approved these changes
Aug 4, 2021
|
@mnm678 Would you mind closing this PR since no activities for more than 1 year? You can create a new issue to describe the problem if needed. Thanks. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
supersedes #35
Adds an attacker goals and out of scope section to the threat model.