-
Notifications
You must be signed in to change notification settings - Fork 13.7k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update security model of Airflow (#32098)
* Update security model of Airflow This change updates the security model of Airflow to better explain what are the capabilities of various kinds of users in Airflow deployments and give both users and security researchers a way to understand what security measures they can take and whether they can qualify potential security issues in Airflow properly - taking into account that various users of Airflow have various capabilities and behaviours considered by some of the users as security vulnerabilities, are standard capabilities of the users. It also splits the security information of ours in two separate pages: * .github/SECURITY.md where we explain how to report the issues to Apache Airflow security team by the researchers * documentation security/index.html which is available via Airflow Website where we explain what our security model is and the different kinds of users we have. Both serve slightly different purpose and both contain cross-reference links to each other in order to be able to redirect people who read about the security model to find out how they can report the issues but also to guide security researchers who want to assess whether their findings are real vulnerabilities, or rather normal behaviours following the Airflow Security model. Security has been also moved to be a top level topic, so that it is easier to find and navigate to. Old links have been redirected to the new locations. Also chapters were added explaining Airflow vs. Providers security releases, what is the relation between Airflow and Providers security issues and how users should treat security announcements in providers. * Update .github/SECURITY.md Co-authored-by: Pankaj Koti <pankajkoti699@gmail.com> * Apply Niko's suggestions from code review Co-authored-by: Niko Oliveira <onikolas@amazon.com> * fixup! Apply Niko's suggestions from code review --------- Co-authored-by: Pankaj Koti <pankajkoti699@gmail.com> Co-authored-by: Niko Oliveira <onikolas@amazon.com>
- Loading branch information
1 parent
f6db66e
commit 4efbcdc
Showing
27 changed files
with
254 additions
and
121 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
28 changes: 0 additions & 28 deletions
28
docs/apache-airflow/administration-and-deployment/security/index.rst
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.