Insecure Functionality - User Management
Need
To ensure that sensitive vulnerability data is only accessible by registered and authorized users
Context
- Usage of Elixir 1.12 for functional programming and building scalable applications
- Usage of Phoenix Framework 1.6 for web development
Description
Non compliant code
defmodule UserManager do
def assign_treatment_manager(email, vulnerability_id) do
send_vulnerability_email(email, vulnerability_id)
end
defp send_vulnerability_email(email, vulnerability_id) do
# Email sending logic here
end
end
In this code, the function assign_treatment_manager allows any email address to be assigned as a manager of vulnerabilities. This means the system could potentially send sensitive vulnerability data to non-registered users, or users who no longer have access to the system.
Steps
- Ensure the system verifies if a user is registered and has the necessary access rights before assigning them as a treatment manager
- Check if a user is still part of an organization before sending them any vulnerability data
- When a user is removed from all projects, ensure their access to all related data is revoked
Compliant code
defmodule UserManager do
def assign_treatment_manager(email, vulnerability_id) do
if is_registered_and_authorized?(email) do
send_vulnerability_email(email, vulnerability_id)
end
end
defp send_vulnerability_email(email, vulnerability_id) do
# Email sending logic here
end
defp is_registered_and_authorized?(email) do
# Verification logic here
end
end
In the secure version of the code, the system checks whether the user is registered and still part of the organization before assigning them as a treatment manager. Also, when a user is removed from all projects, their access is effectively revoked.