Sensitive information in source code - Credentials
Need
Secure storage and management of sensitive information in source code
Context
- Usage of C# for developing robust and scalable applications
- Usage of Microsoft.Extensions.DependencyInjection for Dependency Injection in .NET applications
- Usage of Microsoft.Extensions.Configuration for managing application configuration settings
Description
Non compliant code
public class AppSettings
{
public string UserEmail { get; set; }
public string UserPassword { get; set; }
public string ApiKey { get; set; }
}
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
services.Configure<AppSettings>(Configuration);
}
}
In the above code, we have a class AppSettings that is storing sensitive information such as UserEmail, UserPassword, and ApiKey. These values are set from the configuration in the Startup class.
This is a vulnerability because the sensitive data is stored directly in the source code. Anyone who has access to the source code will also have access to this sensitive data. This could potentially lead to unauthorized access to the system or misuse of the API keys.
Moreover, if the source code is version controlled and published to a public repository, these sensitive data will be exposed to the public. This not only compromises the security of the application, but also violates privacy rules and regulations.
To mitigate this vulnerability, never store sensitive data directly in the source code. Instead, use secure ways to store and access these data, such as environment variables, secure server parameters, or encrypted configuration files.
Steps
- Remove sensitive information from the source code
- Store sensitive information in a secure location such as environment variables or a configuration file
- Use a secure method to retrieve sensitive information at runtime, such as using the ASP.NET Core Configuration system
- Implement proper access controls and permissions to restrict access to sensitive information
- Regularly review and update the stored sensitive information to ensure it remains secure
Compliant code
public class AppSettings
{
public string UserEmail { get; set; }
public string UserPassword { get; set; }
public string ApiKey { get; set; }
}
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
public void ConfigureServices(IServiceCollection services)
{
services.Configure<AppSettings>(Configuration.GetSection("AppSettings"));
}
}
The AppSettings class is used to store application settings. However, sensitive information such as UserEmail, UserPassword, and ApiKey should not be stored directly in the source code. Instead, they should be stored in a secure location such as environment variables or a configuration file that is not included in the source code repository.
In the Startup class, the Configuration property is used to access the application's configuration settings. The ConfigureServices method is used to configure the application's services. In this method, the Configure method is used to bind the AppSettings class to the configuration section named "AppSettings". This means that the properties of the AppSettings class will be set to the values of the corresponding keys in the "AppSettings" section of the configuration.
This way, sensitive information is not stored in the source code but in a secure location, and it is retrieved at runtime using a secure method. Furthermore, access to this information can be restricted by implementing proper access controls and permissions.
It is also important to regularly review and update the stored sensitive information to ensure it remains secure.