inventree/InvenTree
2
0
Fork 0
mirror of https://github.com/inventree/InvenTree.git synced 2025-04-28 11:36:44 +00:00
Code

fix list format (#9376)

Browse Source
This commit is contained in:
Matthias Mair 2025-03-25 10:07:42 +01:00 committed by GitHub
parent b397affa57
commit 5d4b587bf7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 11 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/docs/concepts/threat_model.md
View File

@ -10,7 +10,9 @@ Deploying InvenTree to production requires to knowledge of the security assumpti
3. Authentication attempts are rate limited by InvenTree but should be monitored with appropriate monitoring and alerting solutions to detect long-running brute force attacks 3. Authentication attempts are rate limited by InvenTree but should be monitored with appropriate monitoring and alerting solutions to detect long-running brute force attacks
2. All users are trusted - therefore user uploaded files can be assumed to be safe. There are basic checks in place to ensure that the files are not using common attack vectors but those are not exhaustive. 2. All users are trusted - therefore user uploaded files can be assumed to be safe. There are basic checks in place to ensure that the files are not using common attack vectors but those are not exhaustive.
3. Superuser permissions are only given to trusted users and not used for daily operations. A superuser account can manipulate or extract all files on the server that the InvenTree server process have access to. 3. Superuser permissions are only given to trusted users and not used for daily operations. A superuser account can manipulate or extract all files on the server that the InvenTree server process have access to.
4. All templates and plugins are trusted. 4. All templates and plugins are trusted.
1. It is recommended to only use plugins and templates from trusted sources. 1. It is recommended to only use plugins and templates from trusted sources.

1
docs/docs/security.md
View File

@ -1,5 +1,6 @@
There a 2 different documents regarding security: There a 2 different documents regarding security:
- [Project Security](project/security.md) addresses security measures taken by the InvenTree project around the code base and the project itself - [Project Security](project/security.md) addresses security measures taken by the InvenTree project around the code base and the project itself
- [Threat Model](concepts/threat_model.md) describes the assumptions made regarding running an instance of InvenTree - [Threat Model](concepts/threat_model.md) describes the assumptions made regarding running an instance of InvenTree