Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Default to secure on a new installation #279

Closed
0xdade opened this issue Jun 10, 2020 · 0 comments · Fixed by #284
Closed

Default to secure on a new installation #279

0xdade opened this issue Jun 10, 2020 · 0 comments · Fixed by #284
Labels
enhancement New feature or request security For security related findings server affecting natlas-server

Comments

@0xdade
Copy link
Member

0xdade commented Jun 10, 2020

Is your feature request related to a problem?
Right now we default to open on a new installation -- that is, we don't require login to access the application and we don't require agents to authenticate against the server in order to get or submit work.

Describe the feature you'd like
A new installation should default to being secure - login required to access the data and agent authentication required to get and submit work.

Have you considered alternative ways to get this feature
Optionally these could be bootstrapped by the env config (or moved entirely to the config file when we have the config file), though I like the notion of being able to turn on and off these capabilities without having to restart the application and would prefer to keep them in the back-office.
@0xdade 0xdade added enhancement New feature or request server affecting natlas-server security For security related findings labels Jun 10, 2020
0xdade referenced this issue in 0xdade/natlas Jun 15, 2020
@0xdade
Secure defaults for login / agent auth
d94b1a2 
This closes #279 by making the default out-of-the-box configuration locked down. Login is required to view any data, and agent auth is required to get or submit any work.
@0xdade 0xdade mentioned this issue Jun 15, 2020
Merged
0xdade referenced this issue in 0xdade/natlas Jun 16, 2020
@0xdade
Secure defaults for login / agent auth
ccbc1a5 
This closes #279 by making the default out-of-the-box configuration locked down. Login is required to view any data, and agent auth is required to get or submit any work.
0xdade referenced this issue in 0xdade/natlas Jun 16, 2020
@0xdade
Secure defaults for login / agent auth
ee35f00 
This closes #279 by making the default out-of-the-box configuration locked down. Login is required to view any data, and agent auth is required to get or submit any work.
0xdade added a commit that referenced this issue Jun 16, 2020
@0xdade
Secure defaults for login / agent auth
0c83e24 
This closes #279 by making the default out-of-the-box configuration locked down. Login is required to view any data, and agent auth is required to get or submit any work.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request security For security related findings server affecting natlas-server
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Secure defaults for login / agent auth 0xdade/natlas
1 participant
@0xdade