
Secure token value

Open groupsky opened this issue 10 years ago • 7 comments

Currently bug reports generated from atom contain the token and gist repo. There should be some form of protection of the token so bug reports don't expose it. Additionally it would be preferable if other plugins don't have access to the token.

One way is to generate a random key and encrypt the token with that; the key itself could be stored as plugin state, which I haven't investigated how secure it is.

Another way is to store it in another location like custom config file in atom's config directory.

So far both approaches require building a custom UI to manage the token.

groupsky avatar Jul 09 '15 15:07 groupsky

I looked the other day at another package called gist, which uses another file for storing the GitHub Gist token.

I prefer to see Atom supplying us with a more secure option... https://github.com/atom/atom/issues/1763

jerone avatar Jul 09 '15 19:07 jerone

A few guys on Slack suggested using https://github.com/atom/node-keytar

jerone avatar Jul 27 '15 17:07 jerone

This sounds interesting. And still will require a dedicated UI for managing the token. IMHO this will be tied with #100

groupsky avatar Jul 29 '15 06:07 groupsky

@jerone commented on 27 jul. 2015 19:05 CEST:

A few guys on Slack suggested using https://github.com/atom/node-keytar

Hmm, just tried installing it at work (Windows 8.1) but it fails to install. Will try tonight at home.

jerone avatar Jul 29 '15 11:07 jerone

So at home it won't install either (Windows 7) :disappointed:

It seems the package was used by Atom at one point but dropped with no replacement.

Gives me a bad taste.

Continuing search for another solution...

jerone avatar Jul 30 '15 18:07 jerone

So I've been thinking about this...

We can't fix this with a good security model. The problem is that everything we do, other packages can read or write too. Besides that, everything is accessible through the developer tools. This makes providing a really secure model impossible. Encrypting the tokens doesn't really make sense and is easily reverse-engineered. Without Atom providing a way to securely store credentials accessible only by our package, I wouldn't pursue a security model for now.

Going back to the original issue of not exposing the token when creating automatic error messages on GitHub through Atom error notifications, I think that moving the token credentials to another location/file would be the best solution.

I propose we make a CSON file called sync.token in Atom root (~/atom) where we can store credentials. Thinking about the feature, if in the future we want to support more sources (:bulb: ? ), we could define a namespace with Gist as first release. Something like:

gist:
  token: 1234567890
  id: 1234567890

Pushing to next milestone.

jerone avatar Aug 01 '15 13:08 jerone

The token can be set in the environment variable GITHUB_TOKEN and the gist id can be set in GIST_ID.

We should probably show that on the settings page.

UziTech avatar Feb 09 '20 03:02 UziTech