diff --git a/docs/docs/concepts/threat_model.md b/docs/docs/concepts/threat_model.md index bd34a708a9..d1489cab0f 100644 --- a/docs/docs/concepts/threat_model.md +++ b/docs/docs/concepts/threat_model.md @@ -5,19 +5,21 @@ Deploying InvenTree to production requires to knowledge of the security assumpti 1. The InvenTree server is only available to trusted networks and there are detection mechanisms in place to detect unauthorised access. - 1. When exposing to the internet, it is recommended to use a WAF and ensure only trusted IP ranges are allowed to access the server - 2. It is recommended to enforce usage of strong traffic encryption along the network path - 3. Authentication attempts are rate limited by InvenTree but should be monitored with appropriate monitoring and alerting solutions to detect long-running brute force attacks + 1. When exposing to the internet, it is recommended to use a WAF and ensure only trusted IP ranges are allowed to access the server + 2. It is recommended to enforce usage of strong traffic encryption along the network path + 3. Authentication attempts are rate limited by InvenTree but should be monitored with appropriate monitoring and alerting solutions to detect long-running brute force attacks 2. All users are trusted - therefore user uploaded files can be assumed to be safe. There are basic checks in place to ensure that the files are not using common attack vectors but those are not exhaustive. + 3. Superuser permissions are only given to trusted users and not used for daily operations. A superuser account can manipulate or extract all files on the server that the InvenTree server process have access to. + 4. All templates and plugins are trusted. - 1. It is recommended to only use plugins and templates from trusted sources. - 2. It is recommended to review the code of the plugins and templates before using them. - 3. Templates and plugins can access all files that the server and worker processes have access to - 4. Plugins can access the inventree database and all data in the database - 5. Plugins can access all environment variables that are accessible to the server and worker processes + 1. It is recommended to only use plugins and templates from trusted sources. + 2. It is recommended to review the code of the plugins and templates before using them. + 3. Templates and plugins can access all files that the server and worker processes have access to + 4. Plugins can access the inventree database and all data in the database + 5. Plugins can access all environment variables that are accessible to the server and worker processes ## Possible attack vectors diff --git a/docs/docs/security.md b/docs/docs/security.md index 126ebad7a6..f5ef65bd3f 100644 --- a/docs/docs/security.md +++ b/docs/docs/security.md @@ -1,5 +1,6 @@ There a 2 different documents regarding security: + - [Project Security](project/security.md) addresses security measures taken by the InvenTree project around the code base and the project itself - [Threat Model](concepts/threat_model.md) describes the assumptions made regarding running an instance of InvenTree