• Resolved russwiltshire

    (@russwiltshire)


    Great plugin. However, I’m a bit concerned about security. You say that the service account needs Storage Admin permission, and then in the settings are revealed bucket name, folder name and the JSON credentials. This is ok for my own site, but I develop sites for other clients. I provide a managed service, so I’m responsible for setting up the WordPress site and deciding what plugins are needed to deliver the most appropriate affordable service for the client. I think my clients would benefit from having this plugin and I’d like to provide buckets in my own Google Cloud Platform account to store their assets. But that means revealing credentials to my client, for a service account that could be used to access other folders and buckets. Am I missing something? Is there a way to mitigate this? I’ve looked quite thoroughly at the permissions available within GCP. IAM is too broad and although the documentation says that ACLs can be used for fine-grained control over permissions, I tried setting them up but the edit page tells me ACLs can no longer be edited via the GCP console. Any advice for how to get around this? Thanks.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Thread Starter russwiltshire

    (@russwiltshire)

    Thanks, but no that doesn’t help. I already read and followed those instructions. Those instructions are exactly what I’m suggesting are not secure. They suggest creating a service account with Storage Admin permissions. So the credentials in the wp-stateless settings could be used by anyone to connect to my GCP Cloud Storage. For example, if I set up a WordPress site for one of my customers, set up wp-stateless as per those instructions, then give my customer access to their wp-admin area, they would be able to see the wp-stateless settings, change the bucket name or folder name to something else, and their WP site would then have access to someone else’s files.

    You can only give Read and Write permission; that way they wouldn’t be able to do any administrative task. But there is no way to restrict permission to a folder. You can create separate Storage for every site.

    Thread Starter russwiltshire

    (@russwiltshire)

    Ok. Thank you. That’s what I’ve ended up doing. Create a bucket and service account for each site. Good to know I’m not missing something.

  • The topic ‘Is the security a bit too open here?’ is closed to new replies.
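
A check for the isolation the thread settles on (one bucket and one service account per site), added here as an example that is not part of the original thread or the plugin. It reads IAM policies in the JSON shape returned by `gcloud projects get-iam-policy` and `gcloud storage buckets get-iam-policy` with `--format=json`, and reports any service account whose key would reach more than one site's bucket. All project, bucket and account names are constructed sample data, and the role list is an assumption covering the common predefined Cloud Storage roles.

```python
# Predefined Cloud Storage roles that, bound at project level, apply to every bucket.
PROJECT_WIDE_STORAGE_ROLES = {
    "roles/storage.admin", "roles/storage.objectAdmin",
    "roles/storage.objectCreator", "roles/storage.objectViewer",
}

def service_accounts(binding):
    """Members of one IAM binding that are service accounts."""
    return [m for m in binding.get("members", []) if m.startswith("serviceAccount:")]

def audit_isolation(project_policy, bucket_policies):
    """Return {service_account: [findings]} for accounts that are not
    confined to a single bucket. An empty dict means every key is isolated."""
    findings, reach = {}, {}
    for b in project_policy.get("bindings", []):
        if b.get("role") in PROJECT_WIDE_STORAGE_ROLES:
            for sa in service_accounts(b):
                findings.setdefault(sa, []).append(
                    f"project-level {b['role']} reaches every bucket")
    for bucket, policy in bucket_policies.items():
        for b in policy.get("bindings", []):
            for sa in service_accounts(b):
                reach.setdefault(sa, set()).add(bucket)
    for sa, buckets in reach.items():
        if len(buckets) > 1:
            findings.setdefault(sa, []).append(
                "bound to multiple buckets: " + ", ".join(sorted(buckets)))
    return findings

# Constructed sample policies (hypothetical project "example-project").
SHARED = "serviceAccount:wp-shared@example-project.iam.gserviceaccount.com"
SITE_A = "serviceAccount:site-a@example-project.iam.gserviceaccount.com"
SITE_B = "serviceAccount:site-b@example-project.iam.gserviceaccount.com"
SAMPLE_PROJECT_POLICY = {
    "bindings": [{"role": "roles/storage.admin", "members": [SHARED]}]}
SAMPLE_BUCKET_POLICIES = {
    "client-a-media": {"bindings": [
        {"role": "roles/storage.objectAdmin", "members": [SITE_A]}]},
    "client-b-media": {"bindings": [
        {"role": "roles/storage.objectAdmin", "members": [SITE_B]}]},
    "client-c-media": {"bindings": [
        {"role": "roles/storage.objectAdmin", "members": [SITE_B]}]},
}

if __name__ == "__main__":
    for sa, issues in audit_isolation(SAMPLE_PROJECT_POLICY, SAMPLE_BUCKET_POLICIES).items():
        for issue in issues:
            print(f"{sa}: {issue}")
```

In the sample, the shared account and `site-b` are reported, while `site-a`, bound to a single bucket, is not.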