Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs: add go-tuf security assessment report #504

Merged
merged 2 commits into from
Jun 13, 2023
Merged

docs: add go-tuf security assessment report #504

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
5895973
docs: add go-tuf security assessment report
rdimitrov Jun 13, 2023
433c764
docs: add blog post content for the audit report
rdimitrov Jun 13, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Binary file added docs/audit/X41-go-tuf-Audit-2023-Final-Report-PUBLIC.pdf
View file
Open in desktop
Binary file not shown.
33 changes: 33 additions & 0 deletions docs/audit/blog-post.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
# Security audit of go-tuf

## The Update Framework

## Radoslav Dimitrov - 06/13/2023

go-tuf, a Go implementation of The Update Framework (TUF), plays a critical role in securely managing
software updates. Recently, a security assessment conducted by X41 D-Sec GmbH uncovered a few
security-related findings in go-tuf. The following blog post provides a concise overview of the
assessment's key findings and recommendations.

The assessment identified two vulnerabilities of medium and low severity in go-tuf, along with
four additional issues without immediate security implications. Even though there are no
high-severity issues, these vulnerabilities still pose risks in update integrity and local file
overwrite scenarios.

To address the vulnerabilities, it was recommended to implement measures such as linking versions
and making root metadata project-specific. Additionally, validating signatures for all files
processed by go-tuf will enhance protection against file manipulation during transit. Alongside
the identified vulnerabilities, the security assessment highlighted that the “keys” directory had
been assigned with world-readable permissions. Although this does not directly expose key files to
local attackers, it is considered a best practice to assign only the minimum necessary permissions.

Despite the discovery of only a few vulnerabilities and weaknesses, go-tuf demonstrates a high level
of maturity in terms of security. The security assessment conducted by X41 D-Sec GmbH underscores
the importance of continuously improving the project's security posture and implementing best practices.
Alongside maintaining the project, the maintainers of go-tuf are also working on a new code base
which is based on the positive redesign of python-tuf. This new code base is designed to be more
efficient, user-friendly, and easier to maintain. The ongoing efforts of the maintainers to improve
the project's design and simplicity will contribute to the overall health and long-term success
of go-tuf. By implementing the recommended measures, adhering to best practices, and leveraging
the advancements in the new code base, go-tuf will continue to provide a reliable and secure solution
for managing software updates.