From f80c19c18eb01ed7e7c6f44cc25535c14659ba20 Mon Sep 17 00:00:00 2001 From: pacien Date: Wed, 28 Jul 2021 16:58:54 +0200 Subject: docs: add security remarks --- readme.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/readme.md b/readme.md index 6fab8d8..1508142 100644 --- a/readme.md +++ b/readme.md @@ -182,6 +182,26 @@ thread-local global variables. * SQL injections are prevented by using proper query parameters substitution, automatically handled by the embrace and psycopg libraries. +* Passwords are salted and hashed when stored in the database to ensure some + minimal protection of the [data at rest]. The hashing is handled by the + [passlib] library, which also covers algorithm migrations. + +* Cross-Site Request Forgery ([CSRF]) attacks are mitigated through the + conjunctive use of POST requests for user actions and [SameSite] restrictions + for session cookies. (_note: this will become a sufficient protection only + when support in browsers will become ubiquitous_). + +* In its current state, the application does not implement any kind of rate + limiting. Such restriction would be needed for real world applications in + order to mitigate account password brute-force attacks, but also to prevent + users from avoiding transfer fees by sending many small unbilled + transactions. + +[data at rest]: https://en.wikipedia.org/wiki/Data_at_rest +[passlib]: https://passlib.readthedocs.io/en/stable/ +[CSRF]: https://owasp.org/www-community/attacks/csrf +[SameSite]: https://owasp.org/www-community/SameSite + ## Development environment -- cgit v1.2.3
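Review bot: the CSRF bullet in this hunk leaves the reader unable to judge the mitigation, since it names "[SameSite] restrictions" without stating which value the session cookie is set with (Lax or Strict) and, while the parenthetical concedes this is only sufficient once browser support is ubiquitous, it does not say what, if anything, protects state-changing POST requests in the meantime; either name the fallback (for example a per-session anti-CSRF token) or state plainly that there is none today, in the same spirit as the rate-limiting bullet. The password bullet has the same gap: it delegates hashing to passlib and says the library "covers algorithm migrations", but never names the configured hash scheme, so the "minimal protection of the data at rest" claim cannot be checked from the readme; a single line naming the scheme would fix that. Minor wording: "when support in browsers will become ubiquitous" reads better as "once browser support becomes ubiquitous".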