security model updates (#19656)

This commit is contained in:
mickael-hc 2023-03-21 14:14:00 -04:00 committed by GitHub
parent 641f42f767
commit 427b4dbd49
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 0 deletions

View File

@ -75,6 +75,12 @@ The following are not considered part of the Vault threat model:
credentials, they can access Vault with the level of privilege associated with this
client.
- Protecting against Vault administrators supplying vulnerable or malicious configuration
data. Any data provided as configuration values to Vault's administrative endpoints
(e.g. [secret engines](/vault/docs/secrets) configurations), or Vault's
configuration files should be validated. If an attacker can write to Vault's
configuration, then the confidentiality or integrity of data can be compromised.
# External Threat Overview
Vault architecture compromises of three distinct systems: