You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As some security concerns are known to exist around libgsf (see e.g. https://github.com/schwehr/generic-sensor-format/issues), make clear in the README that it is the responsibility of the calling application to mitigate these where necessary.
Likewise, it should be reiterated to users of gsfpy that GSF data processed by the package should come from reputable sources and should be integrity checked where possible, as it is a possible attack vector.
ACs
README updated with notes on security including the points mentioned above.
The text was updated successfully, but these errors were encountered:
Action from Threat Modelling session of 03/06/20.
As some security concerns are known to exist around libgsf (see e.g. https://github.com/schwehr/generic-sensor-format/issues), make clear in the README that it is the responsibility of the calling application to mitigate these where necessary.
Likewise, it should be reiterated to users of gsfpy that GSF data processed by the package should come from reputable sources and should be integrity checked where possible, as it is a possible attack vector.
ACs
The text was updated successfully, but these errors were encountered: