Business information leak - Financial Information - Elixir
Need
To prevent exposure of sensitive business information.
Context
- Usage of Elixir (1.12.0 and above) for building scalable and fault-tolerant applications
- Usage of Phoenix Framework for building web applications
- Usage of Ecto for data persistence
Description
Insecure Code Example
  defmodule MyAppWeb.UserController do
    use MyAppWeb, :controller

    # Repo and User are not brought in by `use MyAppWeb, :controller`;
    # they must be aliased explicitly (module names assumed).
    alias MyApp.{Repo, User}

    def show(conn, %{"id" => id}) do
      # Loads the complete %User{} struct, every schema field included
      user = Repo.get!(User, id)
      # The whole struct, financial fields and all, is handed to the template
      render(conn, "show.html", user: user)
    end
  end
This code is vulnerable because it loads the complete `%User{}` struct, every field of the schema included, and passes it unfiltered to the response. Any template or JSON encoding of that struct can therefore expose sensitive financial fields along with the public ones. An attacker could exploit this by making requests to this endpoint and collecting the exposed data.
Steps
- Ensure that sensitive information is not included in API responses or rendered views.
- Review your data models and remove or obfuscate sensitive fields as necessary.
- Implement proper access controls to prevent unauthorized access to sensitive data.
Secure Code Example
  defmodule MyAppWeb.UserController do
    use MyAppWeb, :controller

    # Repo and User are not brought in by `use MyAppWeb, :controller`;
    # they must be aliased explicitly (module names assumed).
    alias MyApp.{Repo, User}

    def show(conn, %{"id" => id}) do
      user = Repo.get!(User, id)
      # Allowlist: keep only the public fields; everything else is dropped
      safe_user = Map.take(user, [:id, :name, :email])
      render(conn, "show.html", user: safe_user)
    end
  end
In this secure code example, `Map.take/2` is used so that only the `id`, `name`, and `email` fields reach the response. Because `Map.take/2` returns a plain map containing just the listed keys (the struct and its remaining fields are discarded), the template cannot reference any financial field, so potentially sensitive financial information associated with the user is not included.
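The controller-level `Map.take/2` filter protects one action. The example below, added here and not part of the original page, applies the same allowlist principle one layer down and adds the access control from the steps above: the schema derives a `Jason.Encoder` restricted to public fields (so the struct cannot leak even if it is encoded directly), a dedicated JSON view names the exposed fields explicitly, and the controller checks that the requester may see the record before rendering it. Module names (`MyApp.Accounts.User`, `MyApp.Repo`, `MyAppWeb.UserJSON`), the `:role`, `:iban` and `:credit_limit` fields, the `current_user` assign, and Phoenix 1.7 `render/3` view conventions are all assumptions for this example.

```elixir
# Added example, not from the original page. Assumes Phoenix 1.7 controller
# conventions, an authentication plug that sets conn.assigns.current_user,
# and the constructed field names :role, :iban and :credit_limit.

defmodule MyApp.Accounts.User do
  use Ecto.Schema

  # Defense in depth: wherever this struct is JSON-encoded, only these
  # three fields are emitted. Financial fields never reach the encoder.
  @derive {Jason.Encoder, only: [:id, :name, :email]}
  schema "users" do
    field :name, :string
    field :email, :string
    field :role, :string
    field :iban, :string          # constructed sensitive field
    field :credit_limit, :decimal # constructed sensitive field
    timestamps()
  end
end

defmodule MyAppWeb.UserJSON do
  alias MyApp.Accounts.User

  # Explicit public representation: a field added to the schema later
  # does not appear here unless someone deliberately lists it.
  def show(%{user: %User{} = user}) do
    %{data: %{id: user.id, name: user.name, email: user.email}}
  end
end

defmodule MyAppWeb.UserController do
  use MyAppWeb, :controller

  alias MyApp.{Accounts.User, Repo}

  def show(conn, %{"id" => id}) do
    user = Repo.get!(User, id)

    # Authorization check before any data is rendered: the allowlist
    # limits which fields leak, this limits who can read them at all.
    if authorized?(conn.assigns.current_user, user) do
      render(conn, :show, user: user)
    else
      conn
      |> put_status(:forbidden)
      |> json(%{error: "forbidden"})
    end
  end

  # A user may view their own record; admins may view any record.
  defp authorized?(%User{id: id}, %User{id: id}), do: true
  defp authorized?(%User{role: "admin"}, _target), do: true
  defp authorized?(_viewer, _target), do: false
end
```

The two allowlists are intentionally redundant: the view module is the primary contract for the endpoint, while the `@derive` restriction catches the case where a developer passes the raw struct to `json/2` or embeds it in another response. Neither replaces the authorization check, which is what stops a caller from walking through user ids and reading other people's public fields.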
References
Last updated
2023/09/18