-
Notifications
You must be signed in to change notification settings - Fork 3
Security and Privacy
Antler only needs to run as root when working with Linux network namespaces, or
executing System commands in CUE that require root. In general, there should be
no need to run antler as root when running tests that don't need network
namespaces. Likewise, antler commands that have no need for root access, such
as init, list, vet and server, should not be run as root. The report
command may need to run as root, if root owns the results directory.
When running tests on public networks:
- Set HMAC to true for any tests that will run on public networks. To enable it
for all tests, use the CUE
#Test: HMAC: true. - Avoid running Antler nodes on public networks as root unless it's absolutely
necessary. The
Sudofield inNodedefaults to false, and this should ideally be left as such for public nodes.
Running Antler in public networks comes with the risk that malicious clients may attempt to connect to test servers, possibly corrupting the results. Fortunately, since Antler starts and stops test nodes before and after each test, the window of opportunity for attacking the server is relatively small. However, Antler provides optional HMAC protection for test headers, which makes it difficult for rogue clients to initiate unauthorized tests, or to perform on-path manipulation of parameters or data sent from clients to servers. It does not, however, prevent on-path replay attacks, which may be used to inject spurious results (although it's unclear what would motivate someone to perform such an attack).
Google Charts is used for visualizations. There are no currently known vulnerabilities in Charts, but if privacy is a concern, users should review Security and Privacy in Charts.