Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
Castellum
Documentation
Commits
3074e31c
Commit
3074e31c
authored
Apr 05, 2022
by
Hayat
Browse files
different wording
parent
068fb8aa
Pipeline
#13225
passed with stage
in 28 seconds
Changes
1
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
source/security.rst
View file @
3074e31c
...
...
@@ -90,7 +90,9 @@ We chose to split the data into three different categories:
Storing contact data in a separate database provides a clear structure for
developers that should help avoiding critical data leaks. Even if an attacker
is able to dump a whole table or even a whole database, this structure still
limits the impact.
limits the impact. An attacker without access to castellum would need physical
access to both databases in order to get the same level of access as with
castellum.
However, it is important to understand that the barrier between recruitment and
contact data is not that high. Since castellum has full access to both, an
...
...
@@ -98,9 +100,6 @@ attacker can also gain full access. Spreading the system across several
databases on different servers or even in different organizations does not help
much if there is still a single point of entry.
The database separation provides reasonable protection against attackers with
physical access to only one database, but without access to castellum.
Monitoring
----------
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment