Questions related to security aspects, TLS, password hashing, logging ... #1902
Replies: 1 comment 3 replies
-
|
Beta Was this translation helpful? Give feedback.
3 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hello everyone,
I currently try to understand some security aspects of FalkorDB and hope you can answer the following questions:
I saw that TLS is supported beginning with the Startup, High Availability/Clustering with the Pro plan.
Am I right that this is only applicable if I want to let FalkorDB run in the cloud? So, if I deploy it on my own infrastructure, I would not need those plans?
Does FalkorDB manage users and credentials separately from Redis on its own (a separate password management) or is it delegating this to Redis?
There is an option in Redis to change the password hashing algorithm from SHA256 to PBKDF2. Does this affect the password hashing algorithm used for FalkorDB user credentials?
Is FalkorDB (or if it is using Redis for credential handling) generating ad-hoc salts for new passwords and if, which hashing algorithm is used?
FalkorDB is providing logging functionality for ACL-related events and allows transferring them via OpenTelemetry. Since FalkorDB is a Redis module, do you know if the FalkorDB events are also logged by Redis, for example, administrator-related events via @admin? As a consequence, are the logs from FalkorDB a subset from the logs of Redis?
FalkorDB does not provide that many configuration options. Does FalkorDB inherit the TLS settings (version, ciphersuites) from the Redis configuration or is it possible to configure such? I could not find a configuration option for this.
If there is no configuration option: Can you tell me which TLS version and ciphersuites are used by FalkorDB?
Thank you very much in advance.
Uwe
Beta Was this translation helpful? Give feedback.
All reactions