-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SPEC-8: Supply-Chain Security #9
Comments
@larsoner and I went through the process of getting OpenSSF "silver" for MNE-Python last year, so feel free to bug one of us if you encounter bits of the process that don't make sense, or just want to copy our solutions |
Things that I'm the most interested in are:
|
I am interested in this topic, mostly in terms of coming up with a few "good bang for buck" recommendations. For example trusted publishers looks like one of these things. Reducing the number of accounts with elevated access seems like another such thing. Requiring 2FA. Managing dependencies (reducing the number of them, assessing their trustworthiness, etc). Social infrastructure against scam tactics. There are probably a few more such "low hanging fruits" that could form a guide of concrete actions projects can take, aimed at the casual maintainer, not those already much deeper into the subject. I've taken a few minutes to look at SLSA and OpenSSf and stopped reading after a few minutes of "standard this", "attestation that", "certify blah". It seemed more like checklists that you can use to see how you are doing but not really giving you advice what to do. |
You're right that a lot of openssf is like that. The most concrete change we made was adding an action that uses bandit to check for security faux pas. It caught some things. With or without openssf I'd recommend it |
Some of these security measures are also meant to improve the trust and transparency in the build/distribution process. Some things might seems like just badges like the SLSA action. But what it provides users with is the insurance that a certain artifact comes from a specific run they can audit. All in all, adding all these small things really bumps the whole system's security as it's becomes very hard for a bad actor to compromise everything. Because audit solutions would flag any inconsistency. |
In terms of scope, we also need to keep in mind the SPEC 6. It notably talks about permissions, passwords, tokens, 2FA and SSH keys. We could merge the outcome to this workshop into this SPEC or make a new one as I propose here. |
I also think one of the key piece is https://reproducible-builds.org/ I'm doing it for IPython. It's nice to have things signed , but if a different machine can reproduce the same artifacts, it's even better than signing. |
I see it as complementary: Signing: who |
I think it's more than just replicate, it's "actually comes from the source", even if you mostly don't trust most of the people that try to reproduce the build. With that it is sufficient for the release commit to be signed, you can derive the validity of the artifacts. I agree it's complementary, but in the case the publisher/distributor is compromised, without reproducibility, it's hard/impossible to audit (well in case of a pure python wheel, ok, you just need to dezip). Another big difference is that reproducibility is binary/factual, while signing does bring into the fold the question of trust in addition to valid signature (as well as revocation, expiration and distribution of keys). |
Yep but still not a silver bullet. If the sources are compromised to start with right before cutting the release then reproducibility is also not covering it all. You will reproduce the faulty artifact. I do like reproducibility and think it should be part of the "package". I just think we need complementary measures at least for cases where it's difficult to make it happen. Like a very exotic build infra. |
This is excellent! Here's what I would recommend as areas of focus:
Reproducible builds are definitely nice to have but are usually outside your control especially when it comes to compiled libraries, you need to have the entire toolchain+dependencies support reproducible builds and have the libraries and their versions identical too. Always happy to see progress in this area though! |
Note: IIRC by default git does have |
Example attestation: scikit-hep/iminuit#993 (comment) |
This SPEC was written at the 2024 Scientific Python Developer Summit (scientific-python/summit-2024#9). This SPEC outlines the process of adopting security tools and standards to securely publish release artifacts that have already been built (securely building release artifacts will be addressed in a future SPEC). There is a plan to also add a publishing topical guide to the [Scientific Python Developer guides](https://learn.scientific-python.org/development/guides/) to provide more context, nuance, and details following the adoption of this SPEC. We're also very happy to have had guidance from @sethmlarson, the [PSF Security Developer in Residence](https://pyfound.blogspot.com/2023/06/announcing-our-new-security-developer.html) on this SPEC. 🚀 --------- Co-authored-by: Pamphile Roy <23188539+tupui@users.noreply.github.com> Co-authored-by: Tim Head <betatim@gmail.com> Co-authored-by: Stefan van der Walt <sjvdwalt@gmail.com> Co-authored-by: Juanita Gomez <juanitagomezr2112@gmail.com> Co-authored-by: Brigitta Sipőcz <b.sipocz@gmail.com> Co-authored-by: Lars Grüter <lagru+github@mailbox.org>
Cross reference with https://discuss.scientific-python.org/t/spec-8-supply-chain-security/1163
Copying from @tupui's original post there, areas of focus could be:
The text was updated successfully, but these errors were encountered: