From 93d7de147b5c263f8f9065eb4efc59c84dc98bed Mon Sep 17 00:00:00 2001 From: Michael Jerger Date: Mon, 4 Mar 2024 13:57:33 +0100 Subject: [PATCH] adjust to new dev-model --- ...hreat_analysis_remote_login_propagation.md | 132 ++++++++++++++++++ docs/unsure-where-to-put/dev-notes.md | 40 +----- 2 files changed, 136 insertions(+), 36 deletions(-) create mode 100644 docs/content/development/threat_analysis_remote_login_propagation.md diff --git a/docs/content/development/threat_analysis_remote_login_propagation.md b/docs/content/development/threat_analysis_remote_login_propagation.md new file mode 100644 index 0000000000..912c5df3d2 --- /dev/null +++ b/docs/content/development/threat_analysis_remote_login_propagation.md @@ -0,0 +1,132 @@ +# Threat Analysis for RemoteLogin propagation + +See also [1] for getting an idea about the analysis. + +## Technical Background +### Control Flow + +```mermaid +sequenceDiagram + participant fs as foreign_repository_server + participant os as our_repository_server + + fs ->> os: post /api/activitypub/repository-id/1/inbox {Like-Activity} + activate os + os ->> repository: load "1" + os ->> os: validate actor id inputs + activate os + os ->> FederationInfo: get by Host + os ->> os: if FederatonInfo not found + activate os + os ->> fs: get .well-known/nodeinfo + os ->> NodeInfoWellKnown: create & validate + os ->> fs: get api/v1/nodeinfo + os ->> NodeInfo: create & validate + os ->> FederationInfo: create + deactivate os + os ->> ForgeLike: validate + deactivate os + + os ->> user: search for user with actor-id + os ->> os: create user if not found + activate os + os ->> fs: get /api/activitypub/user-id/{id from actor} + os ->> ForgePerson: validate + os ->> user: create user from ForgePerson + deactivate os + os ->> repository: execute star + os ->> FederationInfo: update latest activity + os -->> fs: 200 ok + deactivate os +``` + +### Data transferred + +``` +# NodeInfoWellKnown +{"links":[ + {"href":"https://federated-repo.prod.meissa.de/api/v1/nodeinfo", + "rel":"http://nodeinfo.diaspora.software/ns/schema/2.1"}]} + +# NodeInfo +{"version":"2.1", + "software":{"name":"gitea", + ...}} + +# LikeActivity +{"id": "https://repo.prod.meissa.de/api/v1/activitypub/user-id/1/outbox/12345", + "type": "Like", + "actor": "https://repo.prod.meissa.de/api/v1/activitypub/user-id/1", + "object": "https://codeberg.org/api/v1/activitypub/repository-id/12" + "startTime": "2014-12-31T23:00:00-08:00" +} + +# Person +{"id":"https://federated-repo.prod.meissa.de/api/v1/activitypub/user-id/10", + "type":"Person", + "preferredUsername":"stargoose9", + "name": "goose going to star the repo", + "publicKey":{"id":"https://federated-repo.prod.meissa.de/api/v1/activitypub/user-id/10#main-key", + "owner":"https://federated-repo.prod.meissa.de/api/v1/activitypub/user-id/10", + "publicKeyPem":"-----BEGIN PUBLIC KEY-----\nMIIBoj...XAgMBAAE=\n-----END PUBLIC KEY-----\n"}} +``` + +### Data Flow + +```mermaid +flowchart TD + A(User) --> |stars a federated repository| B(foreign repository server) + B --> |Like Activity| C(our repository server) + C --> |get NodeInfoWellKnown| B + C --> |get NodeInfo| B + C --> |get Person Actor| B + C --> |cache/create federated user locally| D(our database) + C --> |cache/create NodeInfo locally| D(our database) + C --> |add star to repo locally| D +``` + +## Analysis +### Assets + +1. **Service Availability**: The availability of our or foreign servers. +2. **Instance Reputation**: We hope our project does not live on a spam instance. +3. **Project Reputation**: The reputation of an individual project. + +### Actors + +1. **Script Kiddies**: Boored teens, willing to do some illegal stuff without deep knowledge of tech details but broad knowledge across internet discussions. Able to do some bash / python scripting. +2. **Experienced Hacker**: Hacker with deep knowledge. +3. **Hacker**: Hacker with some knowledge. +4. **Malicious Fediverse Member**: Malicious Members of the fediverse, able to operate malicious forge instances. +5. **Malicious Forge Admin**: Admin of good reputation forge instance in the fediverse. +6. **Federated User**: Members of good reputation forge instance in the fediverse. + +### Threat + +1. + +### Mitigations + +1. + +### DREAD-Score + +| Threat | Damage | Reproducibility | Exploitability | Affected Users | Discoverability | Mitigations | +| :----- | :------ | :-------------- | :------------- | :------------- | :-------------- | :---------- | +| 1. | ... tbd | | | | | | +| 2. | ... tbd | | | | | | + +Threat Score with values between 1 - 6 + +* Damage – how severe would the damage be if the attack is successful? 6 is a very bad damage. +* Reproducibility – how easy would the attack be reproducible? 6 is very easy to reproduce. +* Exploitability – How much time, effort and experience are necessary to exploit the threat? 6 is very easy to make. +* Affected Users – if a threat were exploited, how many percentage of users would be affected? +* Discoverability – How easy can an attack be discovered? Does the attacker have to expect prosecution? 6 is very hard to discover / is not illegal + +## Contributors + + +## Reference + +[1]: https://owasp.org/www-community/Threat_Modeling_Process \ No newline at end of file diff --git a/docs/unsure-where-to-put/dev-notes.md b/docs/unsure-where-to-put/dev-notes.md index 361927b897..2c3c74e659 100644 --- a/docs/unsure-where-to-put/dev-notes.md +++ b/docs/unsure-where-to-put/dev-notes.md @@ -108,24 +108,12 @@ git remote add forgejo git@codeberg.org:forgejo/forgejo.git # rebase on top of forgejo/forge-development git switch forgejo git fetch forgejo -git reset --hard forgejo/forgejo-development -git push --force +git pull +git push git switch forgejo-federated-star -git rebase forgejo -git push --force - -# continue local development after rebase & force-push has happened -git reset --hard origin/forgejo-federated-star -``` - -# provide testinstance - -``` bash -git switch test-release -git rebase --onto forgejo-federated-star -git merge forgejo/forgejo-branding -git push --force +git merge forgejo +git push ``` # generate swagger api client @@ -134,23 +122,3 @@ go run github.com/go-swagger/go-swagger/cmd/swagger@v0.30.5 generate client -f ' # Documentation for learn & reference - -# Thoughts on testing - -I would like to be able to quickly test a change in the repo code. -For that i need: -A test server with federation enabled -A test user -A test repo -A test auth token (?) - -A test request as input value to the API -An expected result for comparison with the output value. - -Tests that provide some examples are: - -tests/integration/api_activitypub_person_test.go - -tests/integration/api_token_test.go - -maybe tests/integration/api_repo_test.go