Concerns about plugin security and other things #3414
Unanswered
Kixunil
asked this question in
Plugins & integrations
Replies: 2 comments 1 reply
-
These are good and valid points, getting this right is not trivial for sure -- thanks a lot for this valuable input! To start small, I began providing SHA256SUMS for LNbank releases (see v1.1.0) and added the files to the plugin PR. That gives us something to start with on that front. |
Beta Was this translation helpful? Give feedback.
1 reply
-
I finally did: https://github.com/Kixunil/programming_writings/blob/master/packaging_is_not_dead.md |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Firstly, I think this is not a vulnerability serious enough to embargo because it is only exploitable by GitHub or compromised BTCPay developers or other theoretical circumstances and can be avoided mostly by just not using plugins.
I noticed plugins have these security issues:
Other issues:
git clone --depth 1
could be used instead which would also make local sources possible (but being able to just change plugin directory is better)For me personally these things toghether would resolve all but the sandboxing issue since CADR already takes care of these:
However I strongly recommend to at least sign the plugins for non-CADR users. Also would really, really like to see some sandboxing being implemented.
Beta Was this translation helpful? Give feedback.
All reactions