Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Restrict access scope of master key #8218

Closed
3 tasks done
Tracked by #8225
mtrezza opened this issue Oct 6, 2022 · 3 comments · Fixed by #8212
Closed
3 tasks done
Tracked by #8225

Restrict access scope of master key #8218

mtrezza opened this issue Oct 6, 2022 · 3 comments · Fixed by #8212
Labels
block:major Needs to be resolved before next major release; remove label afterwards state:breaking Breaking change requires major version increment and `BREAKING CHANGE` commit message type:feature New feature or improvement of existing feature

Comments

@mtrezza
Copy link
Member

mtrezza commented Oct 6, 2022
edited
Loading

New Feature / Enhancement Checklist

Current Limitation

The masterKey currently allows to manipulate some Parse Server internal fields. At the same time, the masterKey is intended to be used for normal operations, such as for Parse Dashboard to connect to Parse Server or special Remote Config parameters. The scope of masterKey is unclear because it's not defined anywhere.

Allowing the masterKey to modify internal fields, while distributing it for normal operation is a bad combination. It raises the risk associated with a compromised masterKey, because it significantly increases the integrity impact of the vulnerability's CVSS score.

Feature / Enhancement Description

Define scopes, implement them and add them to docs. This will be a breaking change.

We can assume that there is a difference in scope between:

  • accessing all data within the official features and constrains of Parse Server (intended to be used for normal operation)
  • manipulating Parse Server internal fields that are usually rather constraint-free (not intended to be used for normal operation)

Suggested scopes:

Scope Internal data Custom data Restricted by CLP, ACL Key
Internal r/w r/w no maintenanceKey*
Master -/- r/w no masterKey
ReadOnlyMaster -/- r/- no readOnlyMasterKey
Session -/- r/w yes sessionToken

* doesn't exist yet as a feature

Example Use Case

  • give masterKey to a business client to access all data, configure dashboard apps and use Remove Config parameters that are restricted to master key --> this doesn't allow the user to mess up the internals of Parse Server
  • give maintenanceKey to a DevOp to be able to manipulate internal Parse Server fields --> these internal fields are not supposed to be manipulated for normal operation, they may need to to be manipulated for one-time migration or data correction tasks

Alternatives / Workarounds

n/a

3rd Party References

n/a
@parse-github-assistant
Copy link

parse-github-assistant bot commented Oct 6, 2022
edited
Loading

Thanks for opening this issue!

  • 🎉 We are excited about your ideas for improvement!

@mtrezza mtrezza added the type:feature New feature or improvement of existing feature label Oct 6, 2022
@mtrezza mtrezza mentioned this issue Oct 6, 2022
Merged
4 tasks
@cbaker6

This comment was marked as off-topic.

Sign in to view
@mtrezza

This comment was marked as off-topic.

Sign in to view
@dblythy dblythy mentioned this issue Oct 17, 2022
Open
7 tasks
@cbaker6 cbaker6 mentioned this issue Oct 22, 2022
Merged
5 tasks
@mtrezza mtrezza mentioned this issue Nov 11, 2022
Closed
31 tasks
@mtrezza mtrezza added state:breaking Breaking change requires major version increment and `BREAKING CHANGE` commit message block:major Needs to be resolved before next major release; remove label afterwards labels Dec 21, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
block:major Needs to be resolved before next major release; remove label afterwards state:breaking Breaking change requires major version increment and `BREAKING CHANGE` commit message type:feature New feature or improvement of existing feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: Allow read and write of internal fields with maintenanceKey dblythy/parse-server
2 participants
@mtrezza @cbaker6