Comments (6)
While I have no problems with this idea in theory, what safeguards beyond "Don't do that then" do you propose to prevent the debug enclave from being accidentally deployed?
from oasis-core.
Agree that switching this on by accident is a problem. I guess the same could be said for the existing uses of OASIS_UNSAFE_SKIP_KM_POLICY. Any suggestions?
We could only allow this in either non-SGX builds (still can be dangerous though as you also want non-SGX clients to authenticate the EnclaveRPC channel to the key manager) or when allowing debug enclaves is enabled through OASIS_UNSAFE_ALLOW_DEBUG_ENCLAVES (as this requires use of unsafe flags all over the place).
from oasis-core.
Probably only for debug enclaves?
from oasis-core.
It's hard to link anything in the code itself to the enclave being in debug mode, as that's assigned only after the application is compiled. I think an easy thing to do would be to expose the debug-ness in the core.RuntimeInfo query and have the runtime host compare that to its own debug-ness.
from oasis-core.
> only after the application is compiled

The thing with our runtimes is that they can be in either debug mode, in which case they only accept debug quotes, or in non-debug mode, in which case they only accept non-debug quotes. This depends on the build-time OASIS_UNSAFE_ALLOW_DEBUG_ENCLAVES flag and is also reflected in oasis_core_runtime::BUILD_INFO.is_secure. The runtime will also not process any requests in case the attestation is invalid (including checking the debug-ness of itself).
Reporting the is_secure status in addition to this mechanism (as is done for the key manager runtime) as part of the runtime connection handshake would probably be useful for the node to report a better error message.
If we require OASIS_UNSAFE_ALLOW_DEBUG_ENCLAVES to be set in order for OASIS_UNSAFE_SKIP_KM_POLICY to take effect, that would prevent one accidentally building a non-debug runtime which skips policy checks.
from oasis-core.
This is now implemented in #4878, please take a look.
from oasis-core.
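The gating and the host-side debug-ness comparison discussed in this thread, as an added Rust example that is neither oasis-core's code nor the change in #4878. Only the two OASIS_UNSAFE_* flag names and is_secure come from the thread; BuildFlags, check_runtime_info and the error text are hypothetical, and a flag is assumed to count as set whenever the variable is present at build time.

```rust
// Added illustration. Only the two OASIS_UNSAFE_* flag names and `is_secure`
// come from the thread; every type and function name here is hypothetical.

/// Unsafe flags as seen at build time (assumption: present means set).
#[derive(Clone, Copy, Debug, PartialEq)]
pub struct BuildFlags {
    pub allow_debug_enclaves: bool,
    pub skip_km_policy: bool,
}

impl BuildFlags {
    /// Capture the flags from the compiler's environment.
    pub const fn from_build_env() -> Self {
        Self {
            allow_debug_enclaves: option_env!("OASIS_UNSAFE_ALLOW_DEBUG_ENCLAVES").is_some(),
            skip_km_policy: option_env!("OASIS_UNSAFE_SKIP_KM_POLICY").is_some(),
        }
    }

    /// A build is secure only when debug enclaves are not allowed.
    pub const fn is_secure(&self) -> bool {
        !self.allow_debug_enclaves
    }

    /// The skip flag alone does nothing; it needs the debug-enclave flag too.
    pub const fn skip_km_policy_effective(&self) -> bool {
        self.skip_km_policy && self.allow_debug_enclaves
    }
}

/// Host-side comparison of its own debug-ness with what the runtime reports.
pub fn check_runtime_info(host_is_secure: bool, runtime_is_secure: bool) -> Result<(), String> {
    if host_is_secure == runtime_is_secure {
        return Ok(());
    }
    let name = |secure: bool| if secure { "non-debug" } else { "debug" };
    Err(format!(
        "runtime is a {} build but the host is configured for {} enclaves",
        name(runtime_is_secure),
        name(host_is_secure)
    ))
}

fn main() {
    let flags = BuildFlags::from_build_env();
    println!("{:?} secure={} skip_effective={}", flags, flags.is_secure(), flags.skip_km_policy_effective());
    println!("{:?}", check_runtime_info(flags.is_secure(), true));
}
```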