-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GH CI: Add Provenance Support (Security Enhancement) #268
Comments
Interesting 👍 I just learned a new thing thanks to you. Here's a GitHub blog post in case anyone else is also new to this, https://github.blog/security/supply-chain-security/introducing-npm-package-provenance/ |
yep! This is a very good idea @elliot-huffman. We planned to do it only once we move the publication to GitHub Actions as it is one of the requirements
I will move this to discussions and change the title as we might want to do it for all the packages. |
I am cool with doing a PR to make a NPM publish GH action. This is what I would base my PR off of: |
What would be the benefit? All npm provenance guarantees you is the publish was done from a specific workflow file, which is of virtually zero value (npm has cryptographically verified that the tarball isn't tampered for over a decade). Additionally, it requires using a single factor which makes it objectively less secure than publishing locally with 2FA/MFA. |
We need to solve a 2FA in general (not just for provenance) first, so makes sense to wait a bit until we had a decision made on this. |
I personally believe that a cryptographic attestation of package/publish health is very impactful for supply chain security. Without that crypto attestation, how would you be able to quickly tell if there was tamper on the package build on a local system? The benefit would be that there is a crypto attestation that it isn't being done with a local dev/custom dev system. Using custom dev/local dev systems to publish means that all of the junk that is also on that system, such as viruses/threat actors could also inject their own junk into the build process. GH Actions is hypervisor isolated and a blank environment on execution which eliminates all but the most complex host-based attacks from the publish process. Provenance is not single factor, it is MFA. A refresher on what MFA is:
GH Actions is somewhere you are (GH Actions execution environment), something you know (the NPM key) and something you have (PKI on the OAuth key) This effectively increases the security to 3 factors on publish. It would also improve transparency for the build process to allow the community to audit the build process end to end. Right now, we can't see where the packages are being generated or how they are being generated. |
What MFA issues are you experiencing right now? Since this is a popular package, doesn't it force you to use MFA? |
What good is an attestation if you already trust the publisher? (or don't trust) Provenance is single-factor because to publish to npm from CI, you need a publish token, which is a single factor from npm's perspective, which is the only perspective that matters. |
Did you not read the NPM JS docs and GitHub docs? Tokens are issued after MFA. An access token is a cryptographic attestation (not unlike provenance) that the principal has authenticated, and the token also has authorization data. Please review this diagram from GitHub: Also please read the link that @IamLizu posted for the GH blog. Please also review the principal of assume breach here:
More telemetry to detect breach is necessary to catch more sophisticated attacks. |
The only thing that npm requires to actually do the publish from CI, with or without provenance, is that single token. That it was generated by an authenticated actor doesn't make it suddenly multi-factor. You're right that the action is doing stuff to generate the provenance data written to sigstore, but that's irrelevant - only the publish matters here. |
Additionally, can you point me to a single attack in the npm ecosystem that provenance would have prevented? Nobody at Microsoft/Github, Google, or the OpenSSF has ever been able to provide even a single example. |
UA-Parser-JS (October 22 2021). A threat actor was able to breach the account and upload non-attested versions. The attestation process would have not been successful due to custom builds for that and would have been detected. The attestation forces transparency and would have immediately been axed by the community. |
How would it have been detected? I can make a workflow that takes a URL as input and downloads a tarball and publishes that, and get full provenance, and then delete all the action logs (which expire in 3 months anyways) - and the malicious actor in question could have done the same on ua-parser-js. |
If the token is stored in a GH Secret, the process is one way and can only be accessed from a GH Actions Runner (using the same MFA methods as above). |
That's just not how it works. Anyone with write access to the repo can retrieve the secret in a way that can't be traced later. No matter what, publishing to npm with an automation token is single-factor. |
You are adding extra steps into the example. If we are going to start modifying the example I gave then: To mitigate this additional step the TA takes in your fictional scenario, ideally you would also implement a Privileged Access Workstation for approving PRs and starting the publish/deploy process. All code dev is rendered untrusted with that model and PAWs bring trust to the merge process and publish process by micro-segmentation. This would make it almost impossible for TAs to slip code through the PR process. |
This is all security theater imo - the only true mechanism for verifying and detecting this kind of attack is one that requires zero maintainer effort whatsoever: post-publish heuristics-based comparison of tarball and repo contents. |
Unless you isolate it to a GH Environment requiring approval and only specific access on your specified tags/branches. this prevents everyone from accessing the GH Secret. It is actually part of the security best practices GH has for secrets: |
It isn't security theater, I used to assist on an IR team at Microsoft and I have 100% seen attacks like this and even more complex. These attacks are not theoretical, they are real. That is why MSFT is mandating GH to improve security capabilities. These technologies were created through blood sweat and customer breaches.
Please see above. If you can create a threat model demonstrating how this is possible as single factor using the architecture I provided, I will concede. |
I mean, I can add a dependency that does whatever malicious thing I'd have wanted the main package to do merely by having write access, no matter how else you've locked things down - so what is provenance preventing, exactly? |
It is preventing local dev machines from being publishing sources and cryptographically attesting that the build environment is what you see is what you get. Nothing gets hidden. Dev machines like yours or mine can't be considered clean and have to be assumed as breached. Provenance attests that the environment is clean and NOT a dev machine. It also makes the publish/build pipeline auditable. If a threat actor puts malware into the repo itself, provenance doesn't prevent that, and it will happily sign it. It wasn't built to prevent that. |
Github Actions has had far more breaches (nonzero) than my local machine has (zero) :-) I think the "have to be assumed as breached" part is a pretty large flaw in your thinking here (or at least, only applying that thinking to dev machines instead of every machine) |
Correction GH Actions was not breached. It was customer environments that were breached due to secrets leaking and other misconfigurations. If you leave your door wide open, and a robber robs you. You don't sue the door company. I do apply this thinking to all computers (see PAW). That is outside the scope of this thread though |
Feature Request
Description
This allows you to publicly establish where a package was built and who published a package, which can increase supply-chain security for your packages.
This is a super easy publish command change.
Only a NPM parameter needs to be added to the existing publish pipeline. (by default)
Overview
Publish this package using only GitHub actions and enable Provenance to enable the ability cryptographically to attest that the package hasn't been tampered with during build, publish, and transport.
This can be done via
npm audit signatures
automatically.NPM Docs:
https://docs.npmjs.com/generating-provenance-statements
Examples
Before:
npm publish
After:
npm publish --provenance
Consuming attestation signatures:
https://docs.npmjs.com/generating-provenance-statements#verifying-provenance-attestations
The text was updated successfully, but these errors were encountered: