
Disable adding new plugins (for security) while still checking for plugin updates #15966

Open
mattab opened this issue May 20, 2020 · 0 comments
Labels
c: Security For issues that make Matomo more secure. Please report issues through HackerOne and not in Github. Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc.

Comments

@mattab
Member

mattab commented May 20, 2020

Currently, users who want to secure their Matomo installation as much as possible need to follow the recommendations in https://matomo.org/docs/security-how-to/

As part of this guide, it would make sense if we could add one more step, which would be to prevent Super Users from installing or activating new plugins from the Marketplace. Without this step, any super user could install any plugin from the marketplace, which wouldn't necessarily be secure. (To be very secure, one company may decide to individually review plugins before enabling them; ideally, super users shouldn't be able to install plugins from the marketplace.)

Current situation

  1. We set enable_plugin_upload = 0 by default, which prevents new plugins from being "uploaded" manually, but the marketplace can still be used.
  2. One can disable the Marketplace plugin, but it can be re-enabled via the UI anyway, so that doesn't work (and disabling the marketplace means you lose the security benefit of checking for updates for existing plugins).

Proposed solution

So ideally we need a new feature/INI setting, for example enable_install_plugin_from_marketplace, set to 1 by default; when set to 0, the feature to download code from the marketplace would be disabled (with a popup explaining why and which setting to change if needed).
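As an added example (not part of the issue or of Matomo's code), the following audit reads a Matomo-style config.ini.php and reports the two settings discussed above plus whether the Marketplace plugin is still active, so an administrator can verify the hardened state without losing update checks. It assumes the proposed key `enable_install_plugin_from_marketplace` with a default of 1; the sample config is constructed.

```python
"""Audit a Matomo-style config.ini.php for the plugin-install hardening discussed in the issue."""

# Constructed sample in Matomo's config.ini.php format. The first line is the PHP exit
# guard Matomo writes; to an INI reader it is simply a ';' comment.
SAMPLE_CONFIG = """; <?php exit; ?> DO NOT REMOVE THIS LINE
[General]
enable_plugin_upload = 0

[Plugins]
Plugins[] = "CoreHome"
Plugins[] = "Marketplace"
"""

# Settings that should be 0 on a hardened install, with their value when absent.
# enable_install_plugin_from_marketplace is the key *proposed* in the issue (assumption:
# it is not an existing Matomo setting); its proposed default is 1 (installs allowed).
HARDENING_DEFAULTS = {
    "enable_plugin_upload": 1,
    "enable_install_plugin_from_marketplace": 1,
}


def parse_matomo_ini(text):
    """Parse PHP-style INI into {section: {key: value}}; repeated `key[]` entries become lists."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment (including the PHP exit guard)
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1], {})
            continue
        key, _, value = line.partition("=")
        key, value = key.strip(), value.strip().strip('"')
        if current is None:
            continue  # key outside any section: ignore
        if key.endswith("[]"):
            current.setdefault(key[:-2], []).append(value)
        else:
            current[key] = value
    return sections


def audit_plugin_install(text):
    """Return each hardening key's effective int value and whether Marketplace is active."""
    cfg = parse_matomo_ini(text)
    general = cfg.get("General", {})
    findings = {key: int(general.get(key, default)) for key, default in HARDENING_DEFAULTS.items()}
    # Marketplace must stay enabled for update checks; only the install path should be blocked.
    findings["marketplace_active"] = "Marketplace" in cfg.get("Plugins", {}).get("Plugins", [])
    return findings


if __name__ == "__main__":
    for name, value in audit_plugin_install(SAMPLE_CONFIG).items():
        print(f"{name}: {value}")
```

On the sample, upload is already blocked, the proposed marketplace-install key falls back to its permissive default, and Marketplace remains active for update checks.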

@mattab mattab added c: Security For issues that make Matomo more secure. Please report issues through HackerOne and not in Github. c: Onboarding For issues that make the experience of getting Matomo up and running better. Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc. labels May 20, 2020
@tsteur tsteur removed the c: Onboarding For issues that make the experience of getting Matomo up and running better. label May 20, 2020