🔒 Ideas about security #15

Open
rneswold opened this issue Nov 1, 2022 · 0 comments
Labels

  • design: Formalize specification(s)
  • difficulty:medium: Issues will take some thought to complete
  • enhancement: New feature or request
  • help wanted: Extra attention is needed
  • security: Issue related to security

rneswold commented Nov 1, 2022

Redis Security

If you're using the Redis backend, you need to be able to protect the database from malicious clients. As of v0.1.0, DrMem has a config option to indicate the host and port of the Redis server. I configure Redis to only listen to the loopback address. This means DrMem has to be running on the same system and it relies on the system's security to limit who can log into the machine.

If you have several DrMem instances and want to share a Redis instance, then Redis will need a publicly accessible address. Redis can be configured to restrict database keys to certain clients. If we want this tighter control, we'll have to make the following changes to DrMem:

  • The config file will specify the address and port of the Redis server (as it does currently) but it can also specify if it's an encrypted connection. We'll have to determine whether we should support self-signed certificates.
  • Each driver instance should have optional name/password fields. That way each driver can be restricted to only update specific database keys. The name/password is unused for the simple backend.

GraphQL Security

Currently we're using an unencrypted, open HTTP connection to control DrMem. I envision mobile and web apps interfacing with DrMem. But we want to keep things simple since the only clients to my control system will be my phone and maybe tablet. For this tiny use-case, I think the following can be used:

  • A self-signed certificate can be generated for each DrMem instance. The DrMem config file will specify the location of the certificate. From this certificate, you can obtain the digital "fingerprint".
  • When writing a mobile app, you can compile into the source, or provide an entry field, to import the fingerprint. This way the app can connect to DrMem and verify the certificate without the Internet being required.
  • For your application, you generate a client-side certificate and build it into your mobile app (this is assuming you're not putting your app on a store for others to download.)
  • In your DrMem config, a field clients takes an array of digital fingerprints. These are the accepted clients that can connect.
  • I don't know that we need further ACLs.
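
The fingerprint allow-list described in the list above, sketched as an added example that is not part of the original issue and not DrMem's own code. It assumes the fingerprint is SHA-256 over the DER-encoded certificate (the issue does not name a hash), uses Python for illustration, and all function names are hypothetical.

```python
import hashlib
import ssl

HEX = set("0123456789abcdef")

def normalize_fingerprint(text):
    """Accept 'AB:CD:...' (openssl style) or plain hex; return lowercase hex."""
    hexstr = text.strip().replace(":", "").replace(" ", "").lower()
    if len(hexstr) != 64 or not set(hexstr) <= HEX:
        raise ValueError(f"not a SHA-256 fingerprint: {text!r}")
    return hexstr

def cert_fingerprint(cert):
    """SHA-256 over the DER encoding; a PEM string is converted to DER first."""
    der = ssl.PEM_cert_to_DER_cert(cert) if isinstance(cert, str) else cert
    return hashlib.sha256(der).hexdigest()

def load_pins(entries):
    """Validate the configured list up front so a typo fails at startup,
    not silently at connection time."""
    return frozenset(normalize_fingerprint(e) for e in entries)

def is_pinned(cert, pins):
    """True if the presented certificate's fingerprint is in the pin set.
    The hash covers the whole certificate, so a reissued certificate
    needs a new pin even if the key pair is unchanged."""
    return cert_fingerprint(cert) in pins

def demo():
    # Constructed stand-in bytes, not real certificates. In a TLS client the
    # DER bytes would come from SSLSocket.getpeercert(binary_form=True).
    client_a = b"constructed stand-in for client A's DER certificate"
    client_b = b"constructed stand-in for an unknown client's certificate"

    # The same fingerprint as `openssl x509 -fingerprint -sha256` prints it.
    fp = cert_fingerprint(client_a)
    openssl_style = ":".join(fp[i:i + 2] for i in range(0, 64, 2)).upper()

    pins = load_pins([openssl_style])  # hypothetical `clients` config value
    return (
        is_pinned(client_a, pins),                            # DER form
        is_pinned(ssl.DER_cert_to_PEM_cert(client_a), pins),  # PEM form
        is_pinned(client_b, pins),                            # not listed
    )

if __name__ == "__main__":
    print(demo())
```

The same check serves both directions: the app pins the DrMem instance's certificate, and DrMem pins each client certificate.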
@rneswold rneswold added design Formalize specification(s) enhancement New feature or request help wanted Extra attention is needed security Issue related to security labels Nov 1, 2022
@rneswold rneswold added the difficulty:medium Issues will take some thought to complete label Apr 19, 2023
@rneswold rneswold changed the title Ideas about security 🔒 Ideas about security Feb 12, 2024
@rneswold rneswold added this to the Release v0.4.0 milestone Mar 1, 2024