From cf35afd3dd4ef2bd9a4ccbf77dda5ed940ec2f38 Mon Sep 17 00:00:00 2001 From: Loris S <91723853+loris-s-sonarsource@users.noreply.github.com> Date: Fri, 22 Sep 2023 12:48:47 +0200 Subject: [PATCH] Modify S6698&S6703&S6697: Add a warning against default values (#3121) ## Review A dedicated reviewer checked the rule description successfully for: - [ ] logical errors and incorrect information - [ ] information gaps and missing content - [ ] text style and tone - [ ] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule) --------- Co-authored-by: daniel-teuchert-sonarsource <141642369+daniel-teuchert-sonarsource@users.noreply.github.com> --- rules/S6697/secrets/rule.adoc | 2 ++ rules/S6698/secrets/rule.adoc | 4 +++- rules/S6703/secrets/rule.adoc | 4 +++- shared_content/secrets/fix/default.adoc | 16 ++++++++++++++++ 4 files changed, 24 insertions(+), 2 deletions(-) create mode 100644 shared_content/secrets/fix/default.adoc diff --git a/rules/S6697/secrets/rule.adoc b/rules/S6697/secrets/rule.adoc index 6b5edd8a69..7bf2e98044 100644 --- a/rules/S6697/secrets/rule.adoc +++ b/rules/S6697/secrets/rule.adoc @@ -38,6 +38,8 @@ They can be used to audit malicious use of password-leak-affected accounts. include::../../../shared_content/secrets/fix/vault.adoc[] +include::../../../shared_content/secrets/fix/default.adoc[] + === Code examples ==== Noncompliant code example diff --git a/rules/S6698/secrets/rule.adoc b/rules/S6698/secrets/rule.adoc index 50ad618e96..16f76954b1 100644 --- a/rules/S6698/secrets/rule.adoc +++ b/rules/S6698/secrets/rule.adoc @@ -39,6 +39,8 @@ for this to happen. include::../../../shared_content/secrets/fix/vault.adoc[] +include::../../../shared_content/secrets/fix/default.adoc[] + === Code examples ==== Noncompliant code example 
@@ -74,4 +76,4 @@ include::../../../shared_content/secrets/resources/standards.adoc[] * PostgreSQL Documentation - https://www.postgresql.org/docs/15/client-authentication.html[Client Authentication] * PostgreSQL Documentation - https://www.postgresql.org/docs/current/runtime-config-logging.html[Error Reporting and Logging] -//=== Benchmarks \ No newline at end of file +//=== Benchmarks diff --git a/rules/S6703/secrets/rule.adoc b/rules/S6703/secrets/rule.adoc index 2c34e32385..71acf120cd 100644 --- a/rules/S6703/secrets/rule.adoc +++ b/rules/S6703/secrets/rule.adoc @@ -33,6 +33,8 @@ include::../../../shared_content/secrets/fix/revoke.adoc[] include::../../../shared_content/secrets/fix/vault.adoc[] +include::../../../shared_content/secrets/fix/default.adoc[] + === Code examples ==== Noncompliant code example @@ -62,4 +64,4 @@ public static string ConnectionString = String.format( include::../../../shared_content/secrets/resources/standards.adoc[] -//=== Benchmarks \ No newline at end of file +//=== Benchmarks diff --git a/shared_content/secrets/fix/default.adoc b/shared_content/secrets/fix/default.adoc new file mode 100644 index 0000000000..0f9766aaea --- /dev/null +++ b/shared_content/secrets/fix/default.adoc @@ -0,0 +1,16 @@ +**Never hard-code secrets, not even the default values** + +It is important that you do not hard-code secrets, even default values. + +First, hard-coded default secrets are often short and can be easily compromised +even by attackers who do not have access to the code base. + +Second, hard-coded default secrets can cause problems if they need to be +changed or replaced. + +And most importantly, there is always the possibility to accidentally set +default secrets for production services, which can lead to security +vulnerabilities and make production insecure by default. + +To minimize these risks, it is recommended to apply the above strategies, even +for the default settings.
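Review bot: In the new `shared_content/secrets/fix/default.adoc` hunk, the sentence "It is important that you do not hard-code secrets, even default values." only restates the bold heading directly above it and can be dropped; the third paragraph also has a grammar slip, "there is always the possibility to accidentally set default secrets" should read "there is always the possibility of accidentally setting default secrets". The closing sentence, "it is recommended to apply the above strategies", relies on this fragment being included after the other fix fragments; that holds for the three rules in this patch (it follows `fix/vault.adoc` in each), but since it is shared content, naming what is meant (for example "the strategies above, such as storing secrets in a vault") would keep it correct wherever it is reused.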
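Review bot: The `@@ -74,4 +76,4 @@` hunk in `rules/S6698/secrets/rule.adoc` and the `@@ -62,4 +64,4 @@` hunk in `rules/S6703/secrets/rule.adoc` only add the missing trailing newline after `//=== Benchmarks`; that is a harmless cleanup but unrelated to the subject of the patch, so it is worth a one-line mention in the PR summary so the change set reads as intended.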