Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rethink security model around tokens #859

Open
zorun opened this issue Oct 13, 2021 · 1 comment
Open

Rethink security model around tokens #859

zorun opened this issue Oct 13, 2021 · 1 comment
Labels
discussion security

Comments

@zorun
Copy link
Collaborator

zorun commented Oct 13, 2021

While writing documentation in #858 , I thought that the token model is a bit strange.

Tokens are good when used in invitation links: people can connect without knowing the private code, and so they can't change the private code in the web interface.

However, the same token can be used to change the private code through the API!

I like the feature "get access to a project without the power to change the private code", so to keep it we could:

  • use a different token for invitation links and for the API
  • when trying to change the private code through the API, ask for the current private code
@almet
Copy link
Member

almet commented Oct 17, 2021

I like the idea that anybody with access to the project can change anything in it. It's simple enough and reduces the need to implement ACLs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
discussion security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@almet @zorun