Insecure Functionality - User Management
Need
To ensure that sensitive vulnerability data is only accessible by registered and authorized users
Context
• Usage of Elixir 1.12 for functional programming and building scalable applications
• Usage of Phoenix Framework 1.6 for web development
Description
1. Non compliant code
defmodule UserManager do
def assign_treatment_manager(email, vulnerability_id) do
send_vulnerability_email(email, vulnerability_id)
end
defp send_vulnerability_email(email, vulnerability_id) do
# Email sending logic here
end...In this code, the function `assign_treatment_manager` allows any email address to be assigned as a manager of vulnerabilities. This means the system could potentially send sensitive vulnerability data to non-registered users, or users who no longer have access to the system.
2. Steps
• Ensure the system verifies if a user is registered and has the necessary access rights before assigning them as a treatment manager
• Check if a user is still part of an organization before sending them any vulnerability data
• When a user is removed from all projects, ensure their access to all related data is revoked
3. Secure code example
defmodule UserManager do
def assign_treatment_manager(email, vulnerability_id) do
if is_registered_and_authorized?(email) do
send_vulnerability_email(email, vulnerability_id)
end
end
# Email sending logic here...In the secure version of the code, the system checks whether the user is registered and still part of the organization before assigning them as a treatment manager. Also, when a user is removed from all projects, their access is effectively revoked.
References
• 324. Insecure Functionality - User Management