coop-cloud/firefly-iii
coop-cloud/firefly-iii
2
0
Fork 1
Code Issues 5 Pull Requests Projects Releases Wiki Activity

Encrypt traffic between firefly and database #2

New Issue
Open
opened 2021-08-11 08:24:50 +00:00 by knoflook · 3 comments
knoflook commented 2021-08-11 08:24:50 +00:00
Owner
Copy Link

As can be seen here:
coop-cloud/organising#114

As can be seen here: https://git.coopcloud.tech/coop-cloud/organising/issues/114
decentral1se commented 2021-08-11 09:20:33 +00:00
Owner
Copy Link

Unless you have worries that your in-stack containers can be addressed publicly, then this is probably overkill? We're not doing this with any other apps fwiw. Open to reasoning to change that but that's where we're at now.

Unless you have worries that your in-stack containers can be addressed publicly, then this is probably overkill? We're not doing this with any other apps fwiw. Open to reasoning to change that but that's where we're at now.
knoflook commented 2021-08-11 09:27:03 +00:00
Author
Owner
Copy Link

My understanding of docker networking is extremely basic but from what I understand you can sniff trafic on internal networks by performing some kind of ARP spoofing. While it's a highly improbable scenario, preventing it shouldn't be too difficult.
Here's a 52 page pdf about attacking containers that I skimmed over, saw C snippets and immediately closed: https://www.nccgroup.com/globalassets/our-research/us/whitepapers/2016/june/abusing-privileged-and-unprivileged-linux-containers.pdf

My understanding of docker networking is extremely basic but from what I understand you can sniff trafic on internal networks by performing some kind of ARP spoofing. While it's a highly improbable scenario, preventing it shouldn't be too difficult. Here's a 52 page pdf about attacking containers that I skimmed over, saw C snippets and immediately closed: https://www.nccgroup.com/globalassets/our-research/us/whitepapers/2016/june/abusing-privileged-and-unprivileged-linux-containers.pdf
knoflook commented 2021-08-11 09:28:16 +00:00
Author
Owner
Copy Link

Also I think it's better to talk about it in here
coop-cloud/organising#114

Also I think it's better to talk about it in here https://git.coopcloud.tech/coop-cloud/organising/issues/114
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
Something is not working
duplicate
This issue or pull request already exists
enhancement
New feature
help wanted
Need some help
invalid
Something is wrong
question
More information is needed
wontfix
This won't be fixed
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
3wordchant aadil abra-bot ammaratef45 Apfelwurm appletalk arjan basebuilder Brooke carla cas codegod100 coopcloud decentral1se fauno flancian Frando iexos javielico kawaiipunk knoflook lambdabundesverband mac-chaffee marlon mayel mirsal moritz nicksellen notplants p4u1 pau renovate-bot rix sef simon stevensting tobias trav val virtualboys wolcen wykwit xynosis yksflip
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: coop-cloud/firefly-iii#2
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?