diff --git a/README.md b/README.md index 0a98950..19201ac 100644 --- a/README.md +++ b/README.md @@ -126,7 +126,7 @@ You can use `npbackup --list` or the GUI to list backups. The GUI allows an end user to check current backups & restore files.rom backups: -The YAML configuration file encrypts sensible data so the end user doesn't have to know repository URI or password. +The YAML configuration file encrypts sensitive data so the end user doesn't have to know repository URI or password. ## Quickstart GUI @@ -147,7 +147,7 @@ Configuration allows to edit the YAML configuration files directly as end user Orchestrator GUI allows to run commands on multiple repositories or groups. **Security** -NPBackup' security model relies on symmetric encryption of all sensible data that allows to access a repository. +NPBackup' security model relies on symmetric encryption of all sensitive data that allows to access a repository. In order to achieve this, NPBackup contains an AES-KEY that can be set: - at compile time - at run time via an AES-KEY file @@ -219,9 +219,9 @@ npbackup-cli --housekeeping --repo-group default_group NPBackup inherits all security measures of it's backup backend (currently restic with AES-256 client side encryption including metadata) and all security options from it's storage backends. -On top of those, NPBackup itself encrypts sensible information like the repo uri and password, as well as the metrics http username and password. +On top of those, NPBackup itself encrypts sensitive information like the repo uri and password, as well as the metrics http username and password. This ensures that end users can backup/restore data without the need to know any password, avoiding secret compromission. -Note that NPBackup uses an AES-256 key itself, in order to encrypt sensible data. The public (git) version of NPBackup uses the default encryption key that comes with the official NPBackup repo. +Note that NPBackup uses an AES-256 key itself, in order to encrypt sensitive data. The public (git) version of NPBackup uses the default encryption key that comes with the official NPBackup repo. You can generate a new AES-256 key with `npbackup-cli --create-key npbackup.key` and use it via an environment variable: diff --git a/SECURITY.md b/SECURITY.md index aa0128e..5dac1dc 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -34,16 +34,16 @@ Hence, update permissions should only happen in two cases: # NPF-SEC-00007: Encrypted data needs to be protected -Since encryption is symmetric, we need to protect our sensible data. +Since encryption is symmetric, we need to protect our sensitive data. Best ways: - Compile with alternative aes-key - Use `NPBACKUP_KEY_LOCATION` or `NPBACKUP_KEY_COMMAND` to specify alternative AES keys -# NPF-SEC-00008: Don't show manager password / sensible data with --show-config +# NPF-SEC-00008: Don't show manager password / sensitive data with --show-config -Using `--show-config` should hide sensible data, and manager password. +Using `--show-config` should hide sensitive data, and manager password. -# NPF-SEC-00009: Option to show sensible data +# NPF-SEC-00009: Option to show sensitive data When using `--show-config` or right click `show unecrypted`, we should only show unencrypted config if password is set. Environment variable `NPBACKUP_MANAGER_PASSWORD` will be read to verify access, or GUI may ask for password. @@ -64,4 +64,4 @@ The PRIVATE directory might contain alternative AES keys and obfuscation functio # NPF-SEC-00013: Don't leave encrypted envrionment variables for script usage -Sensible environment variables aren't available for scripts / additional parameters and will be replaced by a given string from __env__.py \ No newline at end of file +Sensitive environment variables aren't available for scripts / additional parameters and will be replaced by a given string from __env__.py \ No newline at end of file diff --git a/npbackup/__env__.py b/npbackup/__env__.py index 00c2fc5..2c93a9e 100644 --- a/npbackup/__env__.py +++ b/npbackup/__env__.py @@ -46,5 +46,5 @@ def set_build_type(build_type: str) -> None: # Allowed server ids for upgrade ALLOWED_UPGRADE_SERVER_IDS = ("npbackup.upgrader", "npbackup.deployment_server") -# Replacement string for sensible data +# Replacement string for sensitive data HIDDEN_BY_NPBACKUP = "_[o_O]_hidden_by_npbackup" diff --git a/npbackup/configuration.py b/npbackup/configuration.py index 259d789..d53a5f2 100644 --- a/npbackup/configuration.py +++ b/npbackup/configuration.py @@ -990,7 +990,7 @@ def get_anonymous_repo_config(repo_config: dict, show_encrypted: bool = False) - value = "__(o_O)__" return value - # NPF-SEC-00008: Don't show manager password / sensible data with --show-config unless it's empty + # NPF-SEC-00008: Don't show manager password / sensitive data with --show-config unless it's empty if repo_config.get("manager_password", None): repo_config["manager_password"] = "__(x_X)__" repo_config.pop("update_manager_password", None) diff --git a/npbackup/gui/config.py b/npbackup/gui/config.py index d390e8e..a82d708 100644 --- a/npbackup/gui/config.py +++ b/npbackup/gui/config.py @@ -339,7 +339,7 @@ def config_gui(full_config: dict, config_file: str): raise KeyError # NPF-SEC-00009 - # Don't show sensible info unless unencrypted requested + # Don't show sensitive info unless unencrypted requested if not unencrypted: # Use last part of key only if key in configuration.ENCRYPTED_OPTIONS: diff --git a/npbackup/translations/config_gui.en.yml b/npbackup/translations/config_gui.en.yml index dad7147..5084036 100644 --- a/npbackup/translations/config_gui.en.yml +++ b/npbackup/translations/config_gui.en.yml @@ -92,7 +92,7 @@ en: machine_id: Machine identifier machine_group: Machine group - show_decrypted: Show sensible data + show_decrypted: Show sensitive data no_manager_password_defined: No manager password defined, cannot show unencrypted. If you just set one, you need to save the confiugration before you can use it # compression