56 lines
1.3 KiB
Plaintext
56 lines
1.3 KiB
Plaintext
include::../../../shared_content/secrets/description.adoc[]
|
|
|
|
== Why is this an issue?
|
|
|
|
include::../../../shared_content/secrets/rationale.adoc[]
|
|
|
|
=== What is the potential impact?
|
|
|
|
If a Clarifai API key leaks to an unintended audience, it could potentially lead
|
|
to unauthorized access to the Clarifai account and its associated data. This
|
|
could result in the compromise of sensitive data or financial loss.
|
|
|
|
include::../../../shared_content/secrets/impact/financial_loss.adoc[]
|
|
|
|
include::../../../shared_content/secrets/impact/data_compromise.adoc[]
|
|
|
|
== How to fix it
|
|
|
|
include::../../../shared_content/secrets/fix/revoke.adoc[]
|
|
|
|
include::../../../shared_content/secrets/fix/vault.adoc[]
|
|
|
|
=== Code examples
|
|
|
|
==== Noncompliant code example
|
|
|
|
[source,python,diff-id=1,diff-type=noncompliant]
|
|
----
|
|
from clarifai_grpc.grpc.api.status import status_code_pb2
|
|
|
|
metadata = (('authorization','Key d819f799b90bc8dbaffd83661782dbb7'),)
|
|
----
|
|
|
|
==== Compliant solution
|
|
|
|
[source,python,diff-id=1,diff-type=compliant]
|
|
----
|
|
import os
|
|
from clarifai_grpc.grpc.api.status import status_code_pb2
|
|
|
|
metadata = (('authorization',os.environ["CLARIFAI_API_KEY"]),)
|
|
----
|
|
|
|
|
|
//=== How does this work?
|
|
|
|
//=== Pitfalls
|
|
|
|
//=== Going the extra mile
|
|
|
|
== Resources
|
|
|
|
include::../../../shared_content/secrets/resources/standards.adoc[]
|
|
|
|
//=== Benchmarks
|