Updated Security Model and FAQ pages (#7528)

* Updated Security Model and FAQ pages
Jono Sosulska 2020-03-30 16:43:26 -04:00 committed by GitHub
parent 0277578424
commit 42998c0eb6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 25 additions and 0 deletions


@ -105,3 +105,16 @@ available, but that won't otherwise affect the local datacenter. There are some
situations where a limited subset of data can be replicated, such as with Consul's built-in
[ACL replication](https://learn.hashicorp.com/consul/day-2-operations/acl-replication) capability, or
external tools like [consul-replicate](https://github.com/hashicorp/consul-replicate).
## Q: Can Consul natively handle protecting against other processes accessing Consul's memory state?
Consul does not provide built-in memory access protections, and doesn't interact with the host system to change or manipulate
viewing and doesn't interact with the host system to change or manipulate
application security.
We recommend taking any precautions or
remediation steps that you would normally do for individual processes, based
on your operating system.
Please see our
[Security Model](https://www.consul.io/docs/internals/security.html) for more information.
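Review bot: The first sentence of the new FAQ answer repeats a clause and does not parse: "and doesn't interact with the host system to change or manipulate" is followed on the next line by "viewing and doesn't interact with the host system to change or manipulate". This looks like a leftover from editing. Suggest collapsing it to a single sentence such as "Consul does not provide built-in memory access protections, and doesn't interact with the host system to change or manipulate application security." Also consider naming one or two of the precautions here instead of only "any precautions or remediation steps that you would normally do", since the question is specifically about other processes reading Consul's memory and the answer never says which OS-level controls are relevant to that.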


@ -36,6 +36,18 @@ any of the settings below are not enabled, then parts of this threat model are
going to be invalid. Additional security precautions must also be taken for
items outside of Consul's threat model as noted in sections below.
* **Consul runs just like any other binary.** Consul runs as a single process
and obeys the same security requirements as any other application on
your system. Consul doesn't interact with the host system to change or
manipulate security values in any way. Take any precautions or remediation
steps that you would normally do for individual processes, based on your
operating system.
Some example remediation steps you could take are outlined below.
- Run applications, including Consul, as non-root users with appropriate
configurations
- Implement Mandatory Access Control using a kernel security module such as SELinux
- Secure against unprivileged users becoming root
* **ACLs enabled with default deny.** Consul must be configured to use ACLs with
a whitelist (default deny) approach. This forces all requests to have explicit
anonymous access or provide an ACL token.
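Review bot: The new "Consul runs just like any other binary" bullet never mentions memory access, although the FAQ entry added in this same commit sends readers to the Security Model page for more information on exactly that question. Suggest stating explicitly in this bullet that protecting Consul's in-memory state from other local processes is outside Consul's threat model and is left to the operating system. Two smaller points: "security values" is vague and differs from the FAQ's "application security", so pick one term and use it in both places; and the sub-items "with appropriate configurations" and "Secure against unprivileged users becoming root" give the reader nothing to act on, so either say what is meant or link to OS hardening guidance, as the SELinux item at least names a concrete mechanism.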