Audit and make commands "secure by default" - add "force" options when bypassing safety #3503

MonsieurNicolas · 2022-08-11T18:38:00Z

Example command is "offline catchup" that is insecure when invoked without the trusted-checkpoint-hashes option:
instead we should require catchup to have that option or a force option with a name that tells people that they're about to do something unsafe --force-unsafe-trust-archives in this case for example.

The text was updated successfully, but these errors were encountered:

MonsieurNicolas · 2022-11-29T06:18:30Z

#3509 was merged some time ago (warn), we should probably enforce this now

MonsieurNicolas added the bug label Aug 11, 2022

MonsieurNicolas mentioned this issue Aug 11, 2022

Horizon: missing information passed to captive-core when configured to run "on disk" stellar/go#4538

Open

MonsieurNicolas added this to To do in v19.7.0 via automation Nov 29, 2022

marta-lokhova self-assigned this Nov 30, 2022

marta-lokhova linked a pull request Nov 30, 2022 that will close this issue

Enforce trusted catchup #3615

Open

marta-lokhova moved this from To do to In progress in v19.7.0 Nov 30, 2022

marta-lokhova removed this from In progress in v19.7.0 Jan 25, 2023

marta-lokhova added this to To do in v19.8.0 via automation Jan 25, 2023

marta-lokhova moved this from To do to In progress in v19.8.0 Feb 21, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Audit and make commands "secure by default" - add "force" options when bypassing safety #3503

Audit and make commands "secure by default" - add "force" options when bypassing safety #3503

MonsieurNicolas commented Aug 11, 2022

MonsieurNicolas commented Nov 29, 2022

Audit and make commands "secure by default" - add "force" options when bypassing safety #3503

Audit and make commands "secure by default" - add "force" options when bypassing safety #3503

Comments

MonsieurNicolas commented Aug 11, 2022

MonsieurNicolas commented Nov 29, 2022