Provide mode for restricting plugin and access management
Hiyo!
It might be worth considering a 'read-only' mode for plugin management. This would reduce the (presumably) low risk of a bad actor installing and using plugins/modules that aren't explicitly allowed in existing configuration files.
You might consider something similar for the various access control commands as well.
Expected Behavior
Bad actors who manage to gain access to a privileged PoshBot account can only run the commands available in existing plugins
Current Behavior
Bad actors can install new plugins that may enable or augment bad behavior
Possible Solution
- a -NoPluginManagement flag on Start-PoshBot, perhaps with a corresponding configuration key/value
- a -NoAccessManagement flag on Start-PoshBot, perhaps with a corresponding configuration key/value
Context
One of the controls that limits risk with PoshBot is that commands must meet a whitelist of sorts. Allowing an attacker to add to that whitelist makes this ineffective (for this particular scenario).
Cheers!
I think that's reasonable @RamblingCookieMonster. We'll probably also need matching switches on New-PoshBotConfiguration and appropriate responses in the builtin commands to notify the user that plugin/access management functionality is in read-only mode.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.