Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Service discovery API is misleading with respect to security #105

Open
lthibault opened this issue Apr 7, 2023 · 0 comments
Open

Service discovery API is misleading with respect to security #105

lthibault opened this issue Apr 7, 2023 · 0 comments
Labels
security Has security implications
Milestone

Comments

@lthibault
Copy link
Collaborator

lthibault commented Apr 7, 2023

Flagging this ahead of #70. The current service discovery implementation introduces a mild security concern. While not a vulnerability in and of itself, it is likely to confuse users into introducing vulnerabilities in their applications.

The issue is that the service.Registry capability wraps a pubsub.Router capability, effectively providing an higher level API on top of the pubsub capability. Users could be misled into believing that a principal cannot provide or discover services because they have not been given a service capability of some sort, when in fact, they can still do so if they are able to join arbitrary topics.

Two possible solutions:

  1. Create an entirely separate pubsub mesh for service discovery, and wrap that.
  2. Change the service discovery API to receive Topics as arguments, instead of strings.

In addition to being simpler, it should be noted that option #2 avoids ambient authority in the form of topic strings. The counterpoint, which @aratz-lasa has brought up is that it may be initially confusing to users if the the API operates on topic instances instead of strings. This can be documented, and it also has the benefit of being more transparent w.r.t. underlying mechanics.

TODO: make a call.

@lthibault lthibault added the security Has security implications label Apr 7, 2023
@lthibault lthibault added this to the 0.1.0 Public Beta Release milestone Apr 7, 2023
# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
security Has security implications
Projects
None yet
Development

No branches or pull requests

1 participant