2019-07-12 - System Operations and Management SIG Agenda and Notes

Topics:

• Intra-module communication and database communication encryption (okapi supporting TLS)

• Reliance on a single point of failure for authorization (mod-authtoken) - Code signing

• Superuser database access

• Code verification

We should log these issues into JIRA.

Wayne: In order to take advantage of these exploits, something else needs to break.  It does put more pressure on the Sysadmin.  It's not the right way to do things, but it's not a big risk.  The vendors will be taking on this risk.  As a customer, you need to be aware and make sure they are taking on the risk correctly.

Tod: what are practical ways to protect against this?

Wayne: it would take some thought and work 

Philip: need to balance this against performance.

Wayne, one way to protect is build your own docker container and not trust anyone else's.  It's a pain and not what we want it to be.  Intermodule communication in Kuberneties between nodes are encrypted.  Brandon is not sure (needs investigation).  Wayne is most concerned about super user access to the database.

Ingolf: We need JIRA tickets for these issues.

***Todo - Tod: Should bring up in the TC as they are technical debt.

Wayne, as a sys admin, these are risks I'm willing to take on.  The super user database issue makes him uncomfortable.  e would run patron data from a separate database.

*** Todo - Wayne will create the JIRA tickets.  Jo will be a watcher.  Due next Friday prior to this meeting for review by the SIG.

Are these a weakness of FOLIO or the hoster's network?  But security by design is better.