Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clarify why builder level is meaningful in threats #1215

Open
TomHennen opened this issue Oct 23, 2024 · 2 comments
Open

Clarify why builder level is meaningful in threats #1215

TomHennen opened this issue Oct 23, 2024 · 2 comments
Labels

Comments

@TomHennen
Copy link
Contributor

          This is a great place to expand. Thanks for starting this.

I think the mitigation for this is essentially:

  • Have a way to know what "correct" looks like for this resourceUri.
    • If you have access to such a thing, you can verify the artifact yourself by inspecting the data in the provenance attestation.
    • If you do not, you must rely on a VSA with access to definition of "correct"
    • If you do not have either, you cannot know whether the artifact is safe to use, even if it was SLSA Build L3

I think in the example below "build L3" is conflated with "built in the correct way" which is not necessarily the case.

Originally posted by @zachariahcox in #1191 (comment)

@TomHennen
Copy link
Contributor Author

I think what we want to do is clarify in 'Mitigation' that the user setting a specific builder expectation protects them from vulnerabilities in other builders and a high level builder makes some vulnerabilities less likely.

We should probably update both G and F here.

@zachariahcox
Copy link
Contributor

@TomHennen is there anything left to do on this one?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
Status: 🆕 New
Status: Todo
Development

No branches or pull requests

2 participants