Metadata with sensitive information - Go

Metadata with sensitive information - Go

Need

Protection of sensitive information in metadata

Context

  • Usage of Go 1.16 for building high-performance and scalable applications
  • Usage of gin-gonic/gin for building web applications in Go

Description

Non compliant code

        package main

import (
	"github.com/gin-gonic/gin"
)

func main() {
	r := gin.Default()

	r.GET("/metadata", func(c *gin.Context) {
		c.JSON(200, gin.H{
			"username": "admin",
			"password": "password123",
		})
	})

	r.Run()
}
        
        

The above code is a simple example of a Go backend application using the Gin framework. A GET endpoint /metadata is defined to return a JSON response.

However, this code is vulnerable as it exposes sensitive information (username and password) in the metadata. This sensitive information is returned whenever a GET request is made to the /metadata endpoint.

The vulnerability lies in the /metadata route handler function. The function responds with a JSON object containing a username and password. This information should not be publicly accessible as it can be used by malicious users to gain unauthorized access to the system.

In a real-world scenario, this could represent any type of sensitive information being exposed through metadata files, such as API keys, database credentials, or other sensitive configuration details.

Steps

  • Remove sensitive information from the metadata response
  • Implement authentication and authorization to restrict access to sensitive information
  • Store sensitive information securely, such as in a database with proper encryption
  • Implement input validation and sanitization to prevent injection attacks
  • Regularly review and update the application's security measures

Compliant code

        package main

import (
	"github.com/gin-gonic/gin"
)

func main() {
	r := gin.Default()

	r.GET("/metadata", func(c *gin.Context) {
		c.JSON(200, gin.H{
			"username": "admin",
		})
	})

	r.Run()
}
        
        

The original code was exposing sensitive information (username and password) through a public metadata endpoint. This is a serious security vulnerability as it can lead to unauthorized access to the system.

The fixed code removes the password from the metadata response. Now, only the username is returned which is less sensitive. However, this is just a quick fix. For a more secure system, consider the following:

- Implement authentication and authorization: Only authenticated and authorized users should be able to access sensitive information. This can be done using various methods such as JWT (JSON Web Tokens), OAuth, etc.

- Store sensitive information securely: Sensitive information such as passwords should be stored securely in a database. They should be hashed and salted to prevent them from being exposed even if the database is compromised.

- Implement input validation and sanitization: This is to prevent injection attacks which can also lead to unauthorized access. All inputs should be validated and sanitized before they are processed.

- Regularly review and update the application's security measures: Security is not a one-time thing. It should be regularly reviewed and updated to protect against new vulnerabilities and threats.

References