Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Audit and make commands "secure by default" - add "force" options when bypassing safety #3503

Open
MonsieurNicolas opened this issue Aug 11, 2022 · 1 comment · May be fixed by #3615
Open

Audit and make commands "secure by default" - add "force" options when bypassing safety #3503

MonsieurNicolas opened this issue Aug 11, 2022 · 1 comment · May be fixed by #3615
Assignees
@marta-lokhova
Labels
bug

Comments

@MonsieurNicolas
Copy link
Contributor

Example command is "offline catchup" that is insecure when invoked without the trusted-checkpoint-hashes option:
instead we should require catchup to have that option or a force option with a name that tells people that they're about to do something unsafe --force-unsafe-trust-archives in this case for example.
@MonsieurNicolas MonsieurNicolas mentioned this issue Aug 11, 2022
Open
@MonsieurNicolas
Copy link
Contributor Author

#3509 was merged some time ago (warn), we should probably enforce this now

@marta-lokhova marta-lokhova self-assigned this Nov 30, 2022
@marta-lokhova marta-lokhova linked a pull request Nov 30, 2022 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@marta-lokhova marta-lokhova

Labels
bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Enforce trusted catchup marta-lokhova/stellar-core
2 participants
@MonsieurNicolas @marta-lokhova